Monday, 11 September 2017 10:33

IT DEFENSE IN DEPTH PART II

Written by
Rate this item
(0 votes)

 

 

In our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidences involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are “assuming their employees know internal security policies" and “assuming their employees care enough to follow policy”.

Here are some ways Hackers exploit human foibles:

  • Guessing or brute-force solving passwords
  • Tricking employees to open compromised emails or visit compromised websites
  • Tricking employees to divulge sensitive information

For the human layer, you need to:

  • Enforce mandatory password changes every 30 to 60 days, or after you lose an employee
  • Train your employees on best practices every 6 months
  • Provide incentives for security conscious behavior.
  • Distribute sensitive information on a need to know basis
  • Require two or more individuals to sign off on any transfers of funds,
  • Watch for suspicious behavior

The network layer refers to software attacks delivered online. This is by far the most common vector for attacks, affecting 61% of businesses last year. There are many types of malware: some will spy on you, some will siphon off funds, some will lock away your files.

However, they are all transmitted in the same way:

  • Spam emails or compromised sites
  • “Drive by” downloads, etc.

To protect against malware

  • Don’t use business devices on an unsecured network.
  • Don’t allow foreign devices to access your wifi network.
  • Use firewalls to protect your network
  • Make sure your Wi­Fi network is encrypted.
  • Use antivirus software and keep it updated. Although it is not the be all, end all of security, it will protect you from the most common viruses and help you to notice irregularities
  • Use programs that detect suspicious software behavior

The mobile layer refers to the mobile devices used by you and your employees. Security consciousness for mobile devices often lags behind consciousness about security on otherplatforms, which is why there are 11.6 million infected devices at any given moment.

There are several common vectors for compromising mobile devices

  • Traditional malware
  • Malicious apps
  • Network threats

To protect your mobile devices you can:

  • Use secure passwords
  • Use encryption
  • Use reputable security apps
  • Enable remote wipe options.

Just as each line of defense would have been useless without an HQ to move forces to where they were needed most, IT defense-in-depth policy needs to have a single person, able to monitor each layer for suspicious activity and respond accordingly.

Read 17099 times Last modified on Monday, 11 September 2017 10:47
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

2047 comments

  • Comment Link starbathing Tuesday, 15 October 2019 03:20 posted by starbathing

    los angeles dodgers bucket hat sizes
    starbathing

  • Comment Link Kiley Pellin Tuesday, 15 October 2019 03:07 posted by Kiley Pellin

    If you are going for best contents like myself, only go to see this website all the time as it gives feature contents, thanks

  • Comment Link Ngan Millwood Tuesday, 15 October 2019 02:48 posted by Ngan Millwood

    Hi Jennie! Yes, Im sure it helps when your significant other is on board. Good for you guys!Just looked up Moosewood restaurant and cookbooks — very cool! A place that specializes in creative vegetarian dishes has got to have some great recipes up its sleeve. Thanks!

  • Comment Link Fazidblete Monday, 14 October 2019 20:13 posted by Fazidblete

    acquisto viagra generico italia
    http://viagrawithoutdoctorbest.com - viagra for sale on web
    viagra and alcohol it is currently
    generic viagra fast delivery
    - viagra 20mg reviews
    coversyl with viagra

  • Comment Link FazidGep Monday, 14 October 2019 18:36 posted by FazidGep

    viagra for daily use prices logged
    http://viagrawithoutdoctorbest.com - generic viagra from canada
    generic viagra
    generic viagra cheapest
    - viagra with viagra
    viagra coupon online view all

  • Comment Link Fazidblete Monday, 14 October 2019 18:27 posted by Fazidblete

    should i take viagra before or after i eat
    http://viagrawithoutdoctorbest.com - viagra generic uk
    viagra powered by bellabook -fill in your details in the form below
    canadian viagra
    - generic viagra no prescription
    viagra 20mg canada posts per day

  • Comment Link Fazidblete Monday, 14 October 2019 18:25 posted by Fazidblete

    viagra 20mg side effects no new posts
    http://viagrawithoutdoctorbest.com - viagra brand sale
    viagra review
    generic viagra availability
    - viagra online cheap usergroups
    can i take viagra if i have not got erectil problems

  • Comment Link FazidGep Monday, 14 October 2019 17:24 posted by FazidGep

    viagra online about me
    http://viagrawithoutdoctorbest.com - us generic viagra
    viagra and viagra
    generic viagra safety
    - hypertension viagra
    viagra and alcohol consumption sort by

  • Comment Link Dexter Culotta Monday, 14 October 2019 17:24 posted by Dexter Culotta

    Bear in mind too that, as a journalist, you are simply just the channel by which people with something to say talk with people who want to know what they said. The best way of keeping the route clear is to let people tell things in their own way. One of the golden rules of journalism is: Let people speak for themselves. Use quotes.

  • Comment Link soukherbs Monday, 14 October 2019 13:08 posted by soukherbs

    jordan jumpman cap black widow black white red nike air max 95 mens for uk new era red sox knit hat usa nike air presto womens grey orange shoes tenis nike shox nz preto e cinza knitted baby boy hats zumiez
    soukherbs

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.