Monday, 11 September 2017 10:33

IT DEFENSE IN DEPTH PART II


In our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and at network defenses. The human layer refers to the activities that your employees perform. 95% of security incidents involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are “assuming their employees know internal security policies” and “assuming their employees care enough to follow policy”.

Here are some ways hackers exploit human foibles:

  • Guessing or brute-force solving passwords
  • Tricking employees into opening compromised emails or visiting compromised websites
  • Tricking employees into divulging sensitive information

For the human layer, you need to:

  • Enforce mandatory password changes every 30 to 60 days, or after you lose an employee
  • Train your employees on best practices every 6 months
  • Provide incentives for security-conscious behavior
  • Distribute sensitive information on a need-to-know basis
  • Require two or more individuals to sign off on any transfers of funds
  • Watch for suspicious behavior

The network layer refers to software attacks delivered online. This is by far the most common vector for attacks, affecting 61% of businesses last year. There are many types of malware: some will spy on you, some will siphon off funds, some will lock away your files.

However, they are all transmitted in the same way:

  • Spam emails or compromised sites
  • “Drive-by” downloads, etc.

To protect against malware:

  • Don’t use business devices on an unsecured network.
  • Don’t allow foreign devices to access your wifi network.
  • Use firewalls to protect your network.
  • Make sure your Wi-Fi network is encrypted.
  • Use antivirus software and keep it updated. Although it is not the be-all and end-all of security, it will protect you from the most common viruses and help you to notice irregularities.
  • Use programs that detect suspicious software behavior.

The mobile layer refers to the mobile devices used by you and your employees. Security consciousness for mobile devices often lags behind consciousness about security on other platforms, which is why there are 11.6 million infected devices at any given moment.

There are several common vectors for compromising mobile devices:

  • Traditional malware
  • Malicious apps
  • Network threats

To protect your mobile devices you can:

  • Use secure passwords
  • Use encryption
  • Use reputable security apps
  • Enable remote wipe options

Just as each line of defense would have been useless without an HQ to move forces to where they were needed most, an IT defense-in-depth policy needs a single person who is able to monitor each layer for suspicious activity and respond accordingly.

Last modified on Monday, 11 September 2017 10:47
Jordon Darling - CISSP

Jordon is the President/CEO of HITECH. He is a business-minded security professional who has a passion for people and small business. Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA
