A more secure organisation is something we all strive for. With the growing number of cyber criminals and other threats to your online security, there is always a new security practice that can be implemented.
In this post I will be talking about the less obvious ways of protecting your organisation's online presence. The ten practices below are things that you may not have considered but definitely should.
Here are my 10 security best practices:
- Collect Your Detailed Logs
In order to gather a complete record of everything going on in your systems, for both troubleshooting and security purposes, you should consider collecting detailed logs and report data. This is especially important for those applications that do not have their own form of logging. By adding tools capable of logging the activity of these programs, you put yourself in the best position to tackle any security issues caused by them.
- Encrypt Your Data
All forms of data, whether on the file system, stored in a database or transferred over the wire, should be encrypted; encryption is vital to protecting your most sensitive data and to limiting the damage when data or equipment is lost.
- Install Those Security Patches
Cyber criminals are always creating new ways of harming your systems, in addition to looking for new vulnerabilities, which is why your network stays secure for only so long. Organisations that do not heed this warning may find that it is already too late by the time they finally decide to install security patches. In order to ensure your network is protected, you will need to keep your hardware and software security up-to-date with the latest patches and virus definitions.
- Monitor User Activity
Make sure you verify. While your trained users will act as your front line of security, your technology should act as your last line of defence. User activity monitoring will allow you to verify that your users' actions meet all security best practices. If an outsider is able to gain access to a user's log-in data, or if someone from outside the network logs in unexpectedly, you will be immediately notified of such suspicious activity.
- Backup Your Data
Data backup is probably the most obvious security measure, and something you should already be doing. With the rise of ransomware and other malicious software designed to hold your data hostage until you pay for a decryption key, having all your data backed up can prove to be a lifesaver for your business.
What approach should you take when making your backups? You need to ensure that your backups are encrypted and protected, and that they are carried out frequently. It is also best practice for the backup process to be carried out by several people, in order to reduce the risk from internal threats.
- Network-Based Security
Make sure you are using firewalls, intrusion detection devices, gateway antivirus, honeypots and monitoring in order to screen for DoS attacks, unauthorised access to your network, port scanning and other attacks that arrive over the network.
- Educate and Train Your Users
No matter how knowledgeable you may be, your users will always be the weakest link in the chain, especially when it comes to information security. However, you can limit this risk by providing your users with the necessary education on cyber security and other best practices. This training should cover phishing scams, using strong passwords, avoiding malicious programs, the rules for transferring information out of the company, and other relevant things a user should know.
- Beware of Social Engineering
All of the various IT security measures you implement will never make up for human error or replace common sense. Social engineering techniques have been used for a considerable amount of time to gain access to log-in details and sensitive data. There was a company some time back that was breached simply by a hacker calling the company, pretending to be from the IT department and asking employees for their log-in data. Attempts like this will come by email, phone and other methods of communication.
- Use Spam Filters
Make sure you use a credible spam filter, one that has been time-tested, to remove unwanted emails from your users' inboxes and divert them into the junk folder. Your users should also be up to speed on how to identify junk mail that gets through.
- Implement a Removable Media Policy
Consider restricting access to USB drives, thumb drives, external hard drives, external DVD writers and other writeable media devices. All of these devices are capable of causing a security breach, whether by carrying malware in or carrying data out, and allowing attackers to gain unauthorised access to your network. Some companies restrict the use of these devices to a single offline machine within the organisation, something you may want to consider.
Uchenna Ani-Okoye is a former IT Manager who now runs his own computer support website www.compuchenna.co.uk.