Cybersecurity Essentials: Part 4
All organizations need to protect their systems and data from cyber-attacks, which means that all organizations need to implement a cybersecurity program. Our monthly blog, “Cybersecurity Essentials,” details the elements of a comprehensive program to ensure you are accounting for privacy concerns, compliance issues, and the policies and procedures critical to maintaining a secure organization and a culture of cybersecurity.
In part 1 of our series, we addressed privacy concerns as they extend to employee records, client or customer records and communications, and the use of mobile devices.
In part 2, we shifted our focus to a discussion of a security program, which includes training, policies, and other steps required to protect your organization’s sensitive data.
In part 3, we introduced some tools—applications and solutions—you can use to safeguard your organization from hackers.
Now in part 4, we offer five rules for “system hardening,” that is, tightening up access and adding security to ward off potential hackers.
Rule 1: Remove all unused programs on all systems. Programs stored on a server or workstation are potential entrance points for hackers. Removing unneeded programs cuts down the number of ways your systems can be hacked. Because the needs of organizations constantly change, you should check regularly to ensure all installed applications are needed and being used.
Rule 2: Maintain user group policies in Microsoft’s Active Directory. The policies should clearly define the rules for user groups for access to your systems. Simple errors can allow unauthorized individuals access to groups or settings, a potential gateway for a cyber attack. Conduct audits to validate group members, and ensure that nothing is left in systems or servers that those groups no longer need access to.
Rule 3: Implement a patch management plan. Your cybersecurity plan should include regular planning, testing, and implementation of patches through patch-management software to ensure all applications and operating systems are the most recent versions and that you’re not missing any critical security patches. If there is a vulnerability in a piece of software, Microsoft will release a patch for it, so have an automated process in place to ensure your machines aren’t susceptible.
Rule 4: Secure endpoints and perimeters. You can reduce the likelihood of attacks by strengthening user account controls and implementing security policies while maintaining user efficiency. The intent is to allow reasonable user access while ensuring your devices are protected by properly configured and deployed firewalls, routers, VPNs, and intrusion detection and prevention systems.
Rule 5: Monitor and track behavior in cloud applications. The goal is to detect abnormal user behavior, like “impossible travel time” (e.g., a user logging in from Pittsburgh and then, minutes later, from Dallas). Abnormal behaviors include unfamiliar sign-in properties or suspicious inbox manipulation, such as forwarding to an unknown account. Ensuring that security rules or settings haven’t been changed will help prevent attacks, email compromises, and ransomware.
If you have questions or concerns, our Vertilocity team can evaluate your cybersecurity strategy and discuss your options with you. Call us at 412-220-5744, or email me at email@example.com.