
Monday 15 May 2017

Top 10 ways to prevent an IT security breach

Or, Top 10 IT security breaches prevention approaches

Eliminating security breaches completely is an impossible task; however, there are many things that employees can do to mitigate the threat. In this article, I am going to share ten easy-to-implement policies (created by looking at some high-profile security breaches of the past) which, if followed precisely, will drastically reduce the chance of a security breach.

1. Stringent password policy

As cliché as it sounds, securing passwords (including changing default passwords and not re-using old passwords) goes a long way to averting security breaches. Create a specific policy for securing passwords, covering special characters, minimum length, expiration dates, no repetition and no password sharing.
Many devices and applications in large enterprises are protected by default passwords. You’d better believe that attackers are also aware of this and can exploit it. Be sure to change those default passwords!

2. Disable old, unused or inactive user accounts

Old, unused and inactive user accounts can all become the source of a security attack. Security breaches are easier to pull off in an unclean Active Directory. The easy way to counter this is to ensure that whenever employees (either regular or contractual) leave the organization, their accounts are disabled – especially the ones that had privileged access.

3. Automate security

Automate your security initiatives. Use systems that automatically check password settings, unused/stale user and computer accounts, server settings and firewall configurations. Systems like this are vital because staying vigilant in all these areas without them requires a tremendous amount of time and manpower. There is an abundance of third-party solutions on the market today that can offer this service in an affordable way.

4. Enable auditing and examine logs

Good administrators know the importance of auditing, and will monitor system logs regularly and meticulously. As I am covering the best ways to avoid security breaches in this article, I’m going to be putting particular stress on security logs, as they are the first line of defense.
Let’s say, for example, you have a folder containing a set of highly important project files with non-owner file access enabled, and while reviewing the Windows server security log, the administrator comes across a file access event log. That should immediately raise alarm bells and you should be able to determine who accessed the file and for what purpose.
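The review described above can be scripted. The following is an added example, not code from the original article: it filters exported Security log records for object-access events (Event ID 4663) under a protected folder and reports accesses by accounts that are not its owners. The folder path, account names and the simplified record layout are assumptions made for the illustration.

```python
from ntpath import normcase, normpath  # Windows path rules on any OS

# Constructed sample records, simplified from Windows Security log fields.
# Event ID 4663 is "An attempt was made to access an object".
EVENTS = [
    {"EventID": 4663, "TimeCreated": "2017-05-15T09:12:44",
     "SubjectUserName": "asmith", "AccessMask": "0x1",
     "ObjectName": r"D:\Projects\Apollo\design.docx"},
    {"EventID": 4663, "TimeCreated": "2017-05-15T09:13:02",
     "SubjectUserName": "jdoe", "AccessMask": "0x1",
     "ObjectName": r"d:\projects\apollo\budget.xlsx"},
    {"EventID": 4663, "TimeCreated": "2017-05-15T09:20:10",
     "SubjectUserName": "jdoe", "AccessMask": "0x1",
     "ObjectName": r"D:\Projects\ApolloArchive\old.txt"},
    {"EventID": 4624, "TimeCreated": "2017-05-15T09:00:00",
     "SubjectUserName": "jdoe"},
]

PROTECTED_DIR = r"D:\Projects\Apollo"  # hypothetical folder
OWNERS = {"asmith"}                    # hypothetical owner accounts


def is_under(path, root):
    """True if path is root or inside it (case-insensitive, '..' resolved)."""
    path = normcase(normpath(path))
    root = normcase(normpath(root))
    return path == root or path.startswith(root + "\\")


def non_owner_access(events, root, owners):
    """Return (time, user, object, mask) for accesses by non-owners."""
    owners = {o.lower() for o in owners}
    hits = []
    for ev in events:
        if ev.get("EventID") != 4663:
            continue  # not a file/object access event
        obj = ev.get("ObjectName", "")
        if not obj or not is_under(obj, root):
            continue  # outside the protected folder
        user = ev.get("SubjectUserName", "")
        if user.lower() not in owners:
            hits.append((ev["TimeCreated"], user, obj, ev.get("AccessMask")))
    return hits


if __name__ == "__main__":
    for hit in non_owner_access(EVENTS, PROTECTED_DIR, OWNERS):
        print(hit)
```

Matching on the folder name plus a trailing separator keeps a sibling folder such as ApolloArchive from being counted as part of the protected one.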

5. Encrypt Data

All sensitive information in your organization (whether it’s on your desktop, laptop or a portable storage device) should be encrypted. That way, even if someone manages to get access to the devices, data will still remain inaccessible. There are many third-party file encryption solution providers on the market to satisfy this requirement.

6. Do regular network scans

Doing regular network scans and comparing them against an active baseline inventory can help thwart a security breach. This will help you detect when and where a rogue app was installed on the network. You can do this using net view, a built-in Microsoft command. Third-party applications can also be used to scan the network; these apps are typically in a GUI format and are more informative.
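The baseline comparison can be done on saved net view output. The following is an added example, not code from the original article: it parses the computer names that net view lists and compares them with a baseline inventory, reporting names that are on the network but not in the baseline and names that are in the baseline but were not seen. The host names and baseline contents are constructed for the illustration.

```python
# Constructed sample of saved `net view` output (host names are made up).
SCAN = r"""Server Name            Remark

-------------------------------------------------------------------------------
\\FILESRV01            File server
\\ws-0142
\\WS-0143              Finance
\\DESKTOP-7QK2
The command completed successfully.
"""

# Hypothetical baseline inventory of approved machines.
BASELINE = {"FILESRV01", "WS-0142", "WS-0143", "PRINTSRV02"}


def parse_net_view(text):
    """Extract computer names from `net view` output, upper-cased."""
    hosts = set()
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("\\\\"):
            continue  # header, separator or status line
        fields = line[2:].split()
        if fields:  # skip a bare "\\" with no name after it
            hosts.add(fields[0].upper())
    return hosts


def diff_inventory(scan_hosts, baseline):
    """Compare a scan with the baseline, ignoring case in host names."""
    baseline = {h.upper() for h in baseline}
    scan_hosts = {h.upper() for h in scan_hosts}
    return {
        "unknown": sorted(scan_hosts - baseline),  # on the network, not approved
        "missing": sorted(baseline - scan_hosts),  # approved, not seen this scan
    }


if __name__ == "__main__":
    report = diff_inventory(parse_net_view(SCAN), BASELINE)
    print("Not in baseline:", report["unknown"])
    print("Not seen in scan:", report["missing"])
```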

7. Monitor outbound network traffic

Attackers these days use advanced and sophisticated malware to avoid detection. One way of exposing them is to monitor outbound network traffic. Alarms should be raised when the amount of outbound traffic is abnormally high. Most firewall applications can monitor outbound traffic and deliver scheduled reports.
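One way to define "abnormally high" is relative to each host's own history. The following is an added example, not code from the original article: it takes daily outbound volumes per host, as a firewall report might provide them, and raises an alert when today's value exceeds the host's median by several median absolute deviations. The host names, volumes and thresholds are constructed assumptions and need tuning for a real network.

```python
from statistics import median

# Constructed sample: outbound MB per day for the previous seven days.
HISTORY = {
    "WS-0142": [120, 135, 110, 128, 140, 125, 131],
    "FILESRV01": [900, 950, 870, 1020, 910, 940, 980],
    "WS-0143": [80, 75, 90, 85, 78, 82, 88],
}
# Constructed sample: today's outbound MB per host.
TODAY = {"WS-0142": 138, "FILESRV01": 6400, "WS-0143": 95, "WS-0199": 300}


def outbound_alerts(history, today, k=6.0, min_days=5, floor_mb=50):
    """Return (host, sent_mb, limit_mb, reason) for hosts worth a look.

    limit = median + k * spread, where spread is the median absolute
    deviation (MAD), never less than 5% of the median so that a very
    steady host does not alert on tiny changes.
    """
    alerts = []
    for host, sent in sorted(today.items()):
        past = history.get(host, [])
        if len(past) < min_days:
            # New or rarely seen host: no baseline to compare against.
            alerts.append((host, sent, None, "no baseline"))
            continue
        med = median(past)
        mad = median(abs(x - med) for x in past)
        limit = med + k * max(mad, 0.05 * med)
        # floor_mb suppresses alerts where the absolute increase is small.
        if sent > limit and sent - med >= floor_mb:
            alerts.append((host, sent, round(limit, 1), "above baseline"))
    return alerts


if __name__ == "__main__":
    for alert in outbound_alerts(HISTORY, TODAY):
        print(alert)
```

The median and MAD are used instead of the mean and standard deviation so that one earlier spike in the history does not raise the limit and hide the next one.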

8. Apply patches and update systems regularly

One way to stop security breach attempts originating from outside the network's perimeter is by keeping operating systems and applications up to date. If the operating system and applications are updated regularly, they are more likely to be able to deal with attacks.
A product like Microsoft Baseline Security Analyzer (MBSA) can do this for you. It is an app released by Microsoft that evaluates missing security updates and less-secure security settings within Microsoft Windows in order to tell you when an update is required. It is an effective way to ensure that hardware and software in the network have the latest patches.

9. Devise and implement a disaster recovery plan

Irrespective of the size of the organization, a disaster recovery plan is vital in providing continuity in the case of disasters. After an attack, instead of panicking, employees will have a step-by-step guide to follow that will help bring systems back to normal. There are many consultants available that can help you create a resilient disaster recovery plan that is specific to your requirements.

10. Raise awareness

Create an overall atmosphere of heightened security in the organization. All employees, whether a junior help-desk technician or a senior administrator, need to be aware of the risks their job profiles carry (and how such risks can be mitigated).

The Conclusion

The points raised in this article are intended to make you aware of the security risks your organization faces every day and the best ways to overcome them. However, this is only the first step. Use this guide to implement a layered security approach and devise policies, procedures and audit solutions that can mitigate security threats. If you have any questions about any of the points above, or any points you feel should be on this list, let me know in the comments below.

Author

"Ajit Singh, Marketing Manager for IT auditing, security and compliance vendor, Lepide - www.lepide.com"