| |
Top 10 Methods for Securing Your Systems
Untitled 1
Firewalls with built-in Intrusion Prevention, Virus/WORM
Protection, Spyware Blocking, SPAM Filtering, and Web Content Filtering
solutions are called Unified Threat Management (UTM) devices and they protect on
a whole new level then traditional firewalls. These devices can help detect
intrusions and malicious activity within valid network traffic where the
majority of today threats reside. If you haven’t replaced that dusty old
firewall with a UTM device or a
UTM-based
Managed Security Service – look into it TODAY, because it tops this list for
a very good reason.
SPAM is not only a headache and a major waste of time, but it’s also a serious
security risk. Hackers are utilizing this free method of communicating for
more than a sales tool for Viagra, it’s a free way to reach a huge volume of
people and lure into their next scheme. There are several options out
there for stopping SPAM and you can start by implementing rule #1 here on our
Top Ten.
Antivirus software is still vital and should be implemented at not only the
server and workstation level, but also at the network perimeter in an effort to
stop viruses BEFORE they enter the network. Arming all IT assets with antivirus
software and monitoring that the most recent virus definitions are installed is
essential to protecting a computer environment. (refer to rule #1)
Loading Spyware/Malware protection software on all IT assets is a critical
element for protecting confidential information. Just like antivirus software,
be sure to include perimeter protection for Spyware/Malware to ensure your
stopping as much as possible BEFORE it enters your network environment. (refer
to rule #1)
Not allowing end users to run as local administrator. Because when they do this,
they make security decisions for their PCs that can potentially affect the
entire company. Only the professionals in network security/IT should have admin
rights to these machines.
Requiring strong passwords with uppercase, lowercase, numeric and symbolic
characters is very important to securing a network. Network traffic
monitoring/capturing is becoming very easy to perform and as those encrypted
password traverse the network they could be captured, so strong passwords make
it the more difficult for hackers to decrypt and use them. Train users to
create unique passwords they can remember without writing them down.
Understanding Social Engineering techniques and educating end-users is essential
in securing the today’s networks. Social Engineer is nothing new, but it
is making a big comeback, as security controls on networks are improving and the
holes are getting filled. If you’re not already a Social Engineering
expert, hire an
outside
auditor at least once to perform a social engineering audit and use this
information to better educate your IT staff and ultimately the end-users
regarding these threats.
An inventory of all IT assets is also essential, but you must keep it current.
This includes documenting the operating system and software on each asset. It's
critical to know what is supposed to be on the corporate network, so you can
determine what is not supposed to be there.
Secure laptops and portal devices if you think they contain sensitive or NOT!
In many cases these devices leave a trail, if not specific credentials, for
remote access to corporate systems. No one wants to wake up to see the
headline, "Laptop theft at 'Insert your company name here' exposes 600,000 to
risk of identity theft." Use strong authentication and total disk encryption on
all laptops, PDAs and smart phones to better protect the organization's
information.
Patch your systems! This is still one of the most common method hackers
use for intrusions and Denial-of-Service (DoS) attacks. You SHOULD be
using a continuous program of
vulnerability
assessment and patch management to validate those new risks that immerge
almost daily are already addressed within your organization.
|
|
| Find out how the professionals at BAI Security
can help you secure your business. Contact Us Today »
|
|
