1. Change default passwords
Your network is at risk from failure to modify the default usernames and passwords which come with a multitude of devices. Inspect your firewalls, routers, servers, workstations, tablets etc. to ensure that any default credentials have been removed.
2. Adopt Pass-phrases
User passwords are a perpetual source of risk, not least of all because of outdated guidance. Users should be required to use passwords of a minimum of eight characters but, recognising that such a password can be cracked in as little as 14 minutes, ten or twelve characters is preferred. Consider the use of ‘pass-phrases’.
3. Don’t abuse administrative accounts
Users with administrative accounts must be obliged to use such accounts only for the performance of required tasks. For example, the IT team should have ‘ordinary’ privileges for office tasks.
4. Control anti-virus protection
Confirm that every computer has appropriately configured spyware, malware and anti-virus software installed, and that it receives automatic updates via a subscription. Check that users cannot disable or modify the settings.
5. Adopt a software whitelist approach
Create a list of approved applications (a so-called ‘whitelist’), and block the installation or opening of any application not on this list.
6. Disable legacy and unsupported software
Disable any software for which no license can be identified, or which is not supported by its author. All legacy applications should be removed or isolated from the network.
7. Use two-factor authentication
Enable two-factor authentication wherever possible, especially for mobile devices.
8. Address IT physical security
Ensure the core IT infrastructure (servers, routers etc.), are located in a secure room with strict access controls. Access should be logged.
9. Close network ports
Disable applications which rely upon ‘ports’ to create remote access. Such applications are often used for remote access in support scenarios and include names such as ‘LogMeIn’ and ‘TeamViewer’. These applications can pose significant security risks left running and unmonitored.
10. Terminate consumer-grade file sharing
Terminate the use of consumer grade cloud file share services, such as GoogleDocs, Dropbox, iCloud and so forth. Primarily, such services open the door to corporate data being shared across the personal devices of users which synchronising. Further risks lie in the routine data corruption or loss caused by such services.
11. Test your backups
Test your backups! Ransomware attacks are hugely under-reported, and the true cost can only be speculated. Even if you pay the criminal, your data is likely to not be made available and so your backups are your only true defence. Sadly, too many organisations fail to test their ability to restore a backup, and so may be devastated.
12: Cyber security training!
Invest in a cyber security training course for all staff. Even one hour of training can pay dividends.
Have you read:
