Top 10 ways to prevent an IT security breachMay 31, 2017
Eliminating security breaches completely is an impossible task, however there are many things that employees can do to mitigate the threat. In this article, I am going to share teneasy-to-implement policies (created by looking at some high profile security breaches of the past) which, if followed to precision, will drastically reduce the chance of a security breach.
1. Stringent password policy
As cliché as it sounds, securing passwords (including changing default passwords and not re-using old passwords) goes a long way to averting security breaches. Create a specific policy for securing passwords; such as including special characters, minimum length, expiration dates, no repetition and no password sharing.
Many devices and applications in large enterprises are protected by default passwords. You’d better believe that attackers are also aware of this and can exploit it. Be sure to change those default passwords!
2. Disable old, unused or inactive user accounts
Old, unused and inactive user accounts can all become the source of a security attack. Security breaches are easier to pull off in an unclean Active Directory. The easy way to counter this is to ensure that whenever employees (either regular or contractual) leave the organization, make sure to disable their accounts – especially the ones that had privileged access.
3. Automate security
Automate your security initiatives. Use systems that automatically check password settings, unused/stale user and computer accounts, server settings and firewall configurations. Systems like this are vital because to be vigilant in all these areas requires a tremendous amount of time and man-power without them. There is an abundance of third-party solutions on the market today that can offer this service in an affordable way.
4. Enable auditing and examine logs
Good administrators know the importance of auditing, and will monitor system logs regularly and meticulously. As I am covering the best ways to avoid security breaches in this article, I’m going to be putting particular stress on security logs, as they are the first line of defense.
Let’s say, for example, you have a folder containing a set of highly important project files with non-owner file access enabled, and while reviewing the Windows server security log, the administrator comes across a file access event log. That should immediately raise alarm bells and you should be able to determine who accessed the file and for what purpose.
5. Encrypt Data
All sensitive information in your organization (whether it’s on your desktop, laptop or a portable storage device) should be encrypted. That way, even if someone manages to get access to the devices, data will still remain inaccessible. There are many third-party file encryption solution providers on the market to satisfy this requirement.
6. Do regular network scans
Doing regular network scans and comparing them against an active baseline inventory can help thwart a security breach. This will help you detect when and where a rogue app on the network was installed. You can do this using the NetView: a built-in Microsoft command. Third-party applications can also be used to scan the network; these apps are typically in a GUI format and are more informative.
7. Monitor outbound network traffic
Attackers these days use advanced and sophisticated malwares to avoid detection. One way of exposing them is to monitor outbound network traffic. Alarms should be raisedwhen the amount of outbound traffic is abnormally high. Most firewall applications can monitor outbound traffic and deliver scheduled reports.
8. Apply patches and update systems regularly
One way to stop security breach attempts originating from outside the network`s perimeter is by keeping operating systems and applications up to date. If the operating system and applications are updated regularly, they are more likely to be able to deal with attacks.
Using a product like Microsoft Baseline Security Analyzer (MBSA) can do this for you. It is an app released by Microsoft that evaluates missing security updates and less-secure security settings within Microsoft Windows in order to tell you when an update is required. It is an effective way to ensure that hardware and software in the network have the latest patches.
9. Devise and implement a disaster recovery plan
Irrespective of the size the organization, a disaster recovery plan is vital in providing continuity in the case of disasters. After an attack, instead of panicking, employees will have a step-by-step guide to follow that will help bring systems back to normal. There are many consultants available that can help you create a resilient disaster recovery plan that is specific to your requirements.
10. Raise awareness
Create an overall atmosphere of heightened security in the organization. All employees, whether a junior help-desk or a senior administrator, need to be aware of the risks their job profiles carry (and how such risks can be mitigated).
These points raised in this article are intended to make you aware of the security risks your organization faces every day and the best ways to overcome them. However, this is only the first step. Use this guide to implement a layered security approach and devise policies, procedures and audit solutions that can mitigate security threats. If you have any questions about any of the above given points, or any points you feel should be on this list, let me know in the comments below.
"Ajit Singh, Marketing Manager for IT auditing, security and compliance vendor, Lepide -