Or, Top 10 IT security breaches prevention approaches
Eliminating security
breaches completely is an impossible task, however there are many things that
employees can do to mitigate the threat. In this article, I am going to share ten
easy-to-implement policies (created by looking at some high profile security
breaches of the past) which, if followed to precision, will
drastically reduce the chance of a security breach.
1. Stringent
password policy
As cliché as it sounds, securing passwords (including changing default passwords and not re-using old
passwords) goes a long way to averting security breaches. Create a specific
policy for securing passwords; such as including special characters, minimum
length, expiration dates, no repetition and no password sharing.
Many devices and applications in large enterprises are protected
by default passwords. You’d better believe that attackers are also aware of
this and can exploit it. Be sure to change those default passwords!
2. Disable
old, unused or inactive user accounts
Old, unused and inactive user accounts can all become the source
of a security attack. Security breaches are easier to pull off in an unclean
Active Directory. The easy way to counter this is to
ensure that whenever employees (either
regular or contractual) leave the organization, make sure to disable their
accounts – especially the ones that had privileged access.
3. Automate security
Automate your security initiatives. Use systems that automatically
check password settings, unused/stale user and computer accounts, server
settings and firewall configurations. Systems like this are vital because to be
vigilant in all these areas requires a tremendous amount of time and man-power
without them. There is an abundance of third-party solutions on the market
today that can offer this service in an affordable way.
4. Enable
auditing and examine logs
Good administrators know the importance of auditing, and
will monitor system logs regularly and meticulously. As I am covering the best
ways to avoid security breaches in this article, I’m going to be putting
particular stress on security logs, as they are the first line
of defense.
Let’s say, for example, you have a folder containing a set of
highly important project files with non-owner file access
enabled, and while reviewing the Windows server security
log, the administrator comes across a file access event log. That should
immediately raise alarm bells and you should be able to determine who accessed
the file and for what purpose.
5. Encrypt
Data
All sensitive information in your organization (whether it’s on
your desktop, laptop or a portable storage device) should be encrypted. That
way, even if someone manages to get access to the devices, data will still
remain inaccessible. There are many third-party file encryption solution
providers on the market to satisfy this requirement.
6. Do
regular network scans
Doing regular network scans and comparing them against an
active baseline inventory can help thwart a security breach. This will help you
detect when and where a rogue app on the network
was installed. You can do this
using the NetView: a built-in Microsoft command. Third-party applications can
also be used to scan the network; these
apps are typically in a
GUI format and are more informative.
7. Monitor
outbound network traffic
Attackers these days use advanced and sophisticated malwares to
avoid detection. One way of exposing them is to monitor outbound network
traffic. Alarms should be raised when the amount of outbound traffic
is abnormally high. Most firewall applications can monitor outbound traffic and
deliver scheduled reports.
8. Apply
patches and update systems regularly
One way to stop security breach attempts originating from outside
the network's perimeter is by keeping operating systems and applications up to
date. If the operating system and applications are updated regularly, they are
more likely to be able to deal with attacks.
Using a product like Microsoft Baseline Security Analyzer (MBSA)
can do this for you. It is an app released by Microsoft that evaluates missing
security updates and less-secure security settings within Microsoft Windows in
order to tell you when an update is required. It is an effective way to ensure
that hardware and software in the network have the latest patches.
9. Devise
and implement a disaster recovery plan
Irrespective of the size the organization, a disaster recovery
plan is vital in providing continuity in the case of disasters. After an
attack, instead of panicking, employees will have a step-by-step guide to
follow that will help bring systems back to normal. There are many consultants
available that can help you create a resilient disaster recovery plan that is
specific to your requirements.
10. Raise
awareness
Create an overall atmosphere of heightened security in the organization.
All employees, whether a junior help-desk or a senior administrator, need to be
aware of the risks their job profiles carry (and how such risks can be
mitigated).
The Conclusion
These points raised in this article are intended to make you aware
of the security risks your organization faces every day and the best ways to
overcome them. However, this is only the first step. Use this guide to
implement a layered security approach and devise policies, procedures and audit
solutions that can mitigate security threats. If you have any
questions about any of the above given points, or any points you feel should be
on this list, let me know in the comments below.
Author
"Ajit
Singh, Marketing Manager for IT auditing, security and compliance vendor,
Lepide - www.lepide.com"
Great tips you have shared to prevent an IT security breach. To prevent security breaches, you have to ensure proper physical security of electronic and physical data. Cgctechnologies provides you the best technology Infrastructure Management in Washington Dc.
ReplyDeleteThanks for your valuable feedback and inputs..
Delete