Monday, 11 September 2017 10:33

IT DEFENSE IN DEPTH PART II

Written by
Rate this item
(0 votes)

 

 

In our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidences involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are “assuming their employees know internal security policies" and “assuming their employees care enough to follow policy”.

Here are some ways Hackers exploit human foibles:

  • Guessing or brute-force solving passwords
  • Tricking employees to open compromised emails or visit compromised websites
  • Tricking employees to divulge sensitive information

For the human layer, you need to:

  • Enforce mandatory password changes every 30 to 60 days, or after you lose an employee
  • Train your employees on best practices every 6 months
  • Provide incentives for security conscious behavior.
  • Distribute sensitive information on a need to know basis
  • Require two or more individuals to sign off on any transfers of funds,
  • Watch for suspicious behavior

The network layer refers to software attacks delivered online. This is by far the most common vector for attacks, affecting 61% of businesses last year. There are many types of malware: some will spy on you, some will siphon off funds, some will lock away your files.

However, they are all transmitted in the same way:

  • Spam emails or compromised sites
  • “Drive by” downloads, etc.

To protect against malware

  • Don’t use business devices on an unsecured network.
  • Don’t allow foreign devices to access your wifi network.
  • Use firewalls to protect your network
  • Make sure your Wi­Fi network is encrypted.
  • Use antivirus software and keep it updated. Although it is not the be all, end all of security, it will protect you from the most common viruses and help you to notice irregularities
  • Use programs that detect suspicious software behavior

The mobile layer refers to the mobile devices used by you and your employees. Security consciousness for mobile devices often lags behind consciousness about security on otherplatforms, which is why there are 11.6 million infected devices at any given moment.

There are several common vectors for compromising mobile devices

  • Traditional malware
  • Malicious apps
  • Network threats

To protect your mobile devices you can:

  • Use secure passwords
  • Use encryption
  • Use reputable security apps
  • Enable remote wipe options.

Just as each line of defense would have been useless without an HQ to move forces to where they were needed most, IT defense-in-depth policy needs to have a single person, able to monitor each layer for suspicious activity and respond accordingly.

Read 14319 times Last modified on Monday, 11 September 2017 10:47
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

1647 comments

  • Comment Link cenforce 25 mg Wednesday, 18 September 2019 11:13 posted by cenforce 25 mg

    absolutely order [url=http://cavalrymenforromney.com/]cenforce
    india[/url] unfortunately team ahead passenger http://cavalrymenforromney.com/ direct
    tell properly implement buying cenforce in usa rather catch

  • Comment Link Jeffrey Wednesday, 18 September 2019 08:53 posted by Jeffrey

    I believe you have mentioned some very interesting details, appreciate it for the post.

  • Comment Link Dina Wednesday, 18 September 2019 08:49 posted by Dina

    I don't unremarkably comment but I gotta state appreciate
    it for the post on this one :D.

  • Comment Link ketoists Wednesday, 18 September 2019 08:45 posted by ketoists

    los angeles dodgers summer straw hat nike air max 97 uk 6 adidas predator 19.2 black white green shoes nike air max 2019 pour hommes adidas dame 4 scarlet 4.5 nike air vapormax hommes
    ketoists

  • Comment Link niccoair Wednesday, 18 September 2019 08:08 posted by niccoair

    nike flyknit lunar 3 grey orange new york yankees 1927 hat xi nike magista onda zaal 2016 nike mercurial superfly vi kids red white shoes nfl dolphins knit hat patterns nba jerseys fans lakers 73 dennis rodman yellow fans edition jerseys
    niccoair

  • Comment Link viagra online Wednesday, 18 September 2019 06:49 posted by viagra online

    too district [url=http://www.viatribuy.com/]viagra for sale
    cheap[/url] else criticism soon passenger http://www.viatribuy.com/ relatively aspect real category where to buy
    generic viagra never traffic

  • Comment Link cialis online pharmacy Wednesday, 18 September 2019 05:30 posted by cialis online pharmacy

    M http://cialisles.com/ cialis 40 mg - widely viagra
    cialis españa cialis usa also cialis 20 mg best price

  • Comment Link entropians Wednesday, 18 September 2019 05:13 posted by entropians

    rojo negro and blanco ones jordans monster energy hats india xbox 360 echo chunky knit newsboy hat crochet pattern jordan 1 retro high rojo adidas samba aluminium wei脽 yeezy sneakers womens
    entropians

  • Comment Link Veronique Wednesday, 18 September 2019 04:06 posted by Veronique

    What's up i am kavin, its my first occasion to commenting anywhere, when i read this piece of writing i thought
    i could also create comment due to this good article.

  • Comment Link cialis 20 mg best price Wednesday, 18 September 2019 03:46 posted by cialis 20 mg best price

    I http://cialisles.com cialis 20 mg best price; slow quanto tempo
    prima devo assumere il cialis cialis 20mg and cialis.com;

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.