Monday, 11 September 2017 10:33

IT DEFENSE IN DEPTH PART II

In our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidents involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are “assuming their employees know internal security policies” and “assuming their employees care enough to follow policy”.

Here are some ways hackers exploit human foibles:

  • Guessing or brute-force solving passwords
  • Tricking employees into opening compromised emails or visiting compromised websites
  • Tricking employees into divulging sensitive information

For the human layer, you need to:

  • Enforce mandatory password changes every 30 to 60 days, or after you lose an employee
  • Train your employees on best practices every 6 months
  • Provide incentives for security-conscious behavior
  • Distribute sensitive information on a need-to-know basis
  • Require two or more individuals to sign off on any transfers of funds
  • Watch for suspicious behavior

The network layer refers to software attacks delivered online. This is by far the most common vector for attacks, affecting 61% of businesses last year. There are many types of malware: some will spy on you, some will siphon off funds, some will lock away your files.

However, they are all transmitted in the same way:

  • Spam emails or compromised sites
  • “Drive by” downloads, etc.

To protect against malware:

  • Don’t use business devices on an unsecured network
  • Don’t allow foreign devices to access your Wi-Fi network
  • Use firewalls to protect your network
  • Make sure your Wi-Fi network is encrypted
  • Use antivirus software and keep it updated. Although it is not the be-all and end-all of security, it will protect you from the most common viruses and help you to notice irregularities
  • Use programs that detect suspicious software behavior

The mobile layer refers to the mobile devices used by you and your employees. Security consciousness for mobile devices often lags behind consciousness about security on other platforms, which is why there are 11.6 million infected devices at any given moment.

There are several common vectors for compromising mobile devices:

  • Traditional malware
  • Malicious apps
  • Network threats

To protect your mobile devices you can:

  • Use secure passwords
  • Use encryption
  • Use reputable security apps
  • Enable remote wipe options

Just as each line of defense would have been useless without an HQ to move forces to where they were needed most, an IT defense-in-depth policy needs a single person who is able to monitor each layer for suspicious activity and respond accordingly.

Last modified on Monday, 11 September 2017 10:47
Jordon Darling - CISSP

Jordon is the President/CEO of HITECH. He is a business-minded security professional who has a passion for people and small business. Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA
