Cybercriminals are always refining their methods of attack, putting constant pressure on security practitioners to protect their organizations’ data.
In 2016, cybercriminals caused unprecedented levels of disruption and there’s no letup in sight. That’s why it’s prudent to frequently review your security practices and take inventory of what’s working and what’s not.
The topics below offer good starting points for a broader discussion of your current security posture.
Patch now, patch always
The massive WannaCry ransomware outbreak in May served up an object lesson about the risk of ignoring security patch updates. While regular patching won’t hermetically seal off a network entirely, it will help defend against a large percentage of potential attacks.
Keep a current device inventory
Device management is critical as more kinds of devices access applications and services on the network. IT needs to maintain a list and monitor that stockpile to ensure that the devices conform with the organization’s security policies regarding passwords, approved apps and data access.
IoT credential reset
Too many Internet of Things devices are used with the same default credentials they shipped with from the manufacturer. Before installing new devices on the network, reset those defaults with stronger combinations.
IT should require the use of stronger passwords with at least eight characters, including one number or symbol. IT can also prevent employees from reusing passwords and restrict access until passwords are changed on a regular basis. Lastly, multifactor authentication should be implemented across the organization.
Classify and restrict
Applying narrowly defined, role-based access controls will prevent individual users from accessing areas of the system where they have no business poking around. Draw up lists of your assets and data by category and then restrict access based on what people need to do their jobs.
Firewall filtering and VPN
Virtual Private Networks can provide a secure virtual connection between mobile devices and guarantee an encrypted data channel for safe data transmission. IT should also erect a firewall to filter incoming and outbound traffic — either between different areas of a network or between the network and the internet.
Keep close tabs on open ports
Conduct regular audits of the open ports on your network and block any unused ones. If neglect leaves certain ports unsupervised and open by default, they can become prey to Trojans and worms sent by unauthorized third parties.
Monitor system activity
Implement an effective logging capability to monitor network traffic. Your ability to detect and deflect unusual employee or outsider behavior can help contain the loss of sensitive data.
Read the riot act around mobile use
Too many mobile users still make bad decisions that compromise network security. Your organization needs to create and enforce policies governing how employees use mobile devices.
Training. Yes, training
When it comes to corporate security, it’s no exaggeration to say that a cyberaware employee is a company’s best defense against future attack. No technology investment will suffice if an organization fails to convince employees to conform with best security practices.
Charles Cooper has covered technology and business for the past three decades. All opinions expressed are his own. AT&T has sponsored this blog post.