Page 33 - Cyber Defense eMagazine - September 2017

If a security mistake does happen (“Whoops, I clicked on the wrong thing!”), the employee must
               feel safe in notifying the organization of the error immediately. A team member trying to cover
               up a faux pas out of fear is the result of the wrong culture and can cost the company valuable
               time in minimizing the effects of a breach. We all make mistakes — it’s important that when a
               person is in doubt, they have a process in place to follow without fear of being punished.

               Protecting systems


               On a network level, organizations should ensure regular users have appropriately limited access
               privileges and are not given administrative control by default.


               Segregating critical systems can also help protect the network. In the event of a malware
               infection, if one computer is infected and compromised, segregating the systems limits what an
               attacker can access.

               Monitoring user activity can allow companies to spot suspicious activity. For instance, large
               amounts of traffic leaving the network could be a sign of data being stolen. Logging all instances
               of failed and successful access to sensitive files should be at the top of the list. This will require
               defining the critical assets on your network and applying controls over who can
               access those assets. Keep in mind, though, that logging is just one part of the process. It’s great
               to have logs, but if no one is reviewing those logs, it’s as if they didn’t exist in the first place.

               Many companies let third-party businesses have access to certain aspects of their networks.
               These third parties should also be monitored. Often, these third-party actors have the same
               access and insight into your company’s operations as your own employees, but many
               companies don’t provide the same level of oversight to these third parties as they do their own
               employees. Be sure to employ the same security controls here, such as restricting the level of
               access they have, and monitoring their activity on the network. Be sure you have clearly defined
               policies in place that describe the “how, what, when” of how the third party will act on your
               network.
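
A minimal sketch of the log review described in the two paragraphs above, applied to employee and third-party accounts alike. It is an added example, not part of the original article; the log format, asset inventory, account names and thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed inventory: critical assets and the accounts allowed to read them.
CRITICAL_ASSETS = {"/finance/payroll.xlsx": {"alice"},
                   "/eng/design.dwg": {"bob", "vendor-acme"}}
FAILED_LIMIT, EGRESS_LIMIT = 3, 500_000_000  # failed reads per asset; outbound bytes per account
FIELDS = ("ts", "account", "event", "target", "outcome")

# Constructed sample log (hypothetical format): ts account event target outcome bytes
SAMPLE_LOG = """\
2017-09-04T09:15:40 vendor-acme file_access /eng/design.dwg success 0
2017-09-04T09:16:02 vendor-acme file_access /finance/payroll.xlsx failure 0
2017-09-04T09:16:05 vendor-acme file_access /finance/payroll.xlsx failure 0
2017-09-04T09:16:09 vendor-acme file_access /finance/payroll.xlsx failure 0
2017-09-04T10:02:11 bob file_access /finance/payroll.xlsx success 0
2017-09-04T10:45:00 vendor-acme net_out 198.51.100.20 success 450000000
2017-09-04T11:05:00 vendor-acme net_out 198.51.100.20 success 300000000
not a valid record
"""

def parse_log(text):
    """Return (events, skipped): parsed records and the count of malformed lines."""
    events, skipped = [], 0
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6 or not parts[5].isdigit():
            skipped += 1
            continue
        events.append(dict(zip(FIELDS, parts), bytes=int(parts[5])))
    return events, skipped

def review(events):
    """Return sorted (rule, account, detail) findings for a person to follow up."""
    failures, egress, findings = defaultdict(int), defaultdict(int), set()
    for e in events:
        if e["event"] == "file_access" and e["target"] in CRITICAL_ASSETS:
            if e["outcome"] == "failure":
                failures[(e["account"], e["target"])] += 1
            elif e["account"] not in CRITICAL_ASSETS[e["target"]]:
                findings.add(("unauthorized-access", e["account"], e["target"]))
        elif e["event"] == "net_out":
            egress[e["account"]] += e["bytes"]
    findings |= {("repeated-failures", a, t) for (a, t), n in failures.items() if n >= FAILED_LIMIT}
    findings |= {("high-egress", a, str(n)) for a, n in egress.items() if n > EGRESS_LIMIT}
    return sorted(findings)

if __name__ == "__main__":
    events, skipped = parse_log(SAMPLE_LOG)
    print(review(events), "malformed lines skipped:", skipped)
```

On the constructed sample, the authorized vendor read of the design file produces no finding, while the vendor's repeated payroll failures, its combined outbound volume, and the employee read of a file outside his allow list are each surfaced for review.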

               Network security should involve a layered approach and not rely on a single type of technology.
               This could include the use of data loss prevention programs, firewalls, or intrusion prevention
               systems (IPS). Make sure there are secure, preferably offsite, backups of all the organization’s
               data. Test backups on a regular basis to make sure they work.

               In addition, when an employee is traveling with a laptop, it is critical to ensure the laptop data is
               encrypted. This cuts down on the risk of losing data if the laptop is stolen.

               Other precautions

               System monitoring and upkeep also play an important role in maintaining a proper information
               security posture. Being able to determine if a network attack is related to an active or passive
               threat helps an organization’s IT department to more quickly assess how to respond.


               Other tips:

