Monday, 11 September 2017 10:33

IT DEFENSE IN DEPTH PART II

Written by
Rate this item
(0 votes)

 

 

In our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidences involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are “assuming their employees know internal security policies" and “assuming their employees care enough to follow policy”.

Here are some ways Hackers exploit human foibles:

  • Guessing or brute-force solving passwords
  • Tricking employees to open compromised emails or visit compromised websites
  • Tricking employees to divulge sensitive information

For the human layer, you need to:

  • Enforce mandatory password changes every 30 to 60 days, or after you lose an employee
  • Train your employees on best practices every 6 months
  • Provide incentives for security conscious behavior.
  • Distribute sensitive information on a need to know basis
  • Require two or more individuals to sign off on any transfers of funds,
  • Watch for suspicious behavior

The network layer refers to software attacks delivered online. This is by far the most common vector for attacks, affecting 61% of businesses last year. There are many types of malware: some will spy on you, some will siphon off funds, some will lock away your files.

However, they are all transmitted in the same way:

  • Spam emails or compromised sites
  • “Drive by” downloads, etc.

To protect against malware

  • Don’t use business devices on an unsecured network.
  • Don’t allow foreign devices to access your wifi network.
  • Use firewalls to protect your network
  • Make sure your Wi­Fi network is encrypted.
  • Use antivirus software and keep it updated. Although it is not the be all, end all of security, it will protect you from the most common viruses and help you to notice irregularities
  • Use programs that detect suspicious software behavior

The mobile layer refers to the mobile devices used by you and your employees. Security consciousness for mobile devices often lags behind consciousness about security on otherplatforms, which is why there are 11.6 million infected devices at any given moment.

There are several common vectors for compromising mobile devices

  • Traditional malware
  • Malicious apps
  • Network threats

To protect your mobile devices you can:

  • Use secure passwords
  • Use encryption
  • Use reputable security apps
  • Enable remote wipe options.

Just as each line of defense would have been useless without an HQ to move forces to where they were needed most, IT defense-in-depth policy needs to have a single person, able to monitor each layer for suspicious activity and respond accordingly.

Read 2974 times Last modified on Monday, 11 September 2017 10:47
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

94 comments

  • Comment Link Amy Friday, 15 February 2019 13:56 posted by Amy

    Are you the kind of guy who likes to talk to sexy girls? If so,
    then you’re really going to love http://bestcamsite.xyz There are so many girls at that site.
    Day or night, you’ll always find a hot horny girl to talk to
    there.

  • Comment Link Mercedes Friday, 15 February 2019 05:27 posted by Mercedes

    Are you searching for love? Have you tried unsuccessfully to meet the person of your dreams at other sites?
    Almost all of those dating sites are a waste of your time.

    Check out http://bestonlinedating.xyz and see
    what the difference is. It’s full of good looking women who are searching for
    Mr. Right. Join today and be prepared to live happily ever after.

  • Comment Link Carlton Thursday, 14 February 2019 01:31 posted by Carlton

    The cutest cam girls are just one click away.
    These are girls who will make your dick hard instantly. Visit http://cutecamgirls.xyz and start talking to these girls.
    You’ll be surprised when they show you their tits. Nothing is better than talking
    to girls who get totally naked right before your very eyes.

  • Comment Link Brandy Wednesday, 13 February 2019 11:52 posted by Brandy

    There are horny girls in your area who want to fuck so bad.

    Are you seeking a fuck buddy? Do you want to
    have some no strings attached fun? If you are, then http://meethornygirls.xyz is the place
    to go. All the girls there are horny and they put out.

  • Comment Link Hanna Wednesday, 13 February 2019 08:22 posted by Hanna

    Right his very second you could be getting laid.
    Think about that for a moment. You could be having sex
    instead of jerking off. Go to http://getlaid.xyz and find yourself a woman who wants to fuck.
    You’ll be surprised when you’re balls deep inside a pretty princess.

  • Comment Link Dulcie Sunday, 30 December 2018 13:54 posted by Dulcie

    Hi! I just wanted to ask if you ever have any trouble with hackers?
    My last blog (wordpress) was hacked and I ended up losing many months of hard work due to no backup.
    Do you have any solutions to prevent hackers?

  • Comment Link Josh Thursday, 06 December 2018 05:30 posted by Josh

    I think this is among the most important info for me.

    And i am glad reading your article. But wanna remark on some general things, The website style is ideal, the
    articles is really nice : D. Good job, cheers

  • Comment Link Luz Thursday, 06 December 2018 04:34 posted by Luz

    There is definately a great deal to learn about this topic.
    I really like all the points you've made.

  • Comment Link Donte Wednesday, 05 December 2018 04:01 posted by Donte

    Oh my goodness! Incredible article dude! Thank you so much, However
    I am having troubles with your RSS. I don't understand why I can't join it.
    Is there anyone else having similar RSS problems?
    Anyone that knows the answer can you kindly respond?
    Thanx!!

  • Comment Link Vickey Tuesday, 04 December 2018 14:27 posted by Vickey

    This is a topic that's near to my heart... Take care! Exactly where are your contact details though?

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.