When you setup your network's security plan, quite often you have the big
picture covered but sometimes there are those minute details that get shelved
or forgotten. Here are a few items IT security officers should make sure they
have covered.
The weakest link in the security chain is always the end user. There is
always someone who believes they know better or a policy doesn’t apply to them.
To the extent that compliance with security policies can be automatically
enforced even for the professionals, they should.
Have a clear escalation plan when trouble is suspected
A major retailer had warnings there was trouble with a point of sale system,
but the timing of the alerts coincided with critical shopping periods.
The staff that were concerned did not have the authority to take the systems
offline and investigate, nor could they locate anyone with the authority.
Subsequently, a disaster ensued. The problem could have been contained had
someone acted when they first suspected trouble. Be sure your staff knows who
has the authority to make the hard call at the first sign of trouble or give
them the authority to do so themselves.
The military is famous for redundancy when something irreversible is about
to be set in motion. Two officers are required to activate a missile launch. If
one officer isn’t certain, that officer does not enter their launch codes.
Consider adding dual authentication to any updates being made to a critical
system. A second “officer” must also authenticate and click on the install
button.
Do not allow employees to install their own software. This can be
accomplished by limiting admin rights on laptops, desktops, and servers. There
are plenty of commercial products out there that do this very well and still
allow the machine to run properly in a work environment. Don’t be influenced by
the company size or number of employees. The effort you spend helping
manage company owned and connected devices is smaller than a breach recovery or
the impact of a network infection.
Document and keep track of where any open source is used
Everyone thinks of a white list, but also have a proper request and vetting
process for newly requested software products or applications to be installed.
Track the open source components. Many software pieces are partially or fully
based on open source code. If you don’t know where those components are, you
won’t be able to assess your risk if a vulnerability is discovered later.
A corporation must control the Web browsing capabilities of its users inside
and outside the premises when using company property. Web filters may not be
popular with employees, but many compromised sites seem innocent enough. The
only way to protect your network is to be strict about Web browsing, no
exceptions. If someone wants to view the latest Internet fail they can do it on
their own machine.
Perhaps 90 percent of enterprises have Web filters on their corporate
networks. Far fewer have client side Web filtering to restrict computer use
when a laptop or tablet travels home and is connected to a private network.
It’s not popular with employees, but it is your equipment.
Hello, my name is Mohd Azahar. I'm a self-employed Pivrate from the India.
I am foreseeing more stories from you. Your sythesis and language is, clearly, astonishing and astounding. I need you to appreciate all that life brings to the table for your endeavors. Your blog is fantastically great thank you for share this data this is extremely famous I like it especially there are different things obliged uncommon and quality technique. For better writing tips go through with site Cheap essay writing service, you can get better writing related help.
ReplyDelete