Cyber Security continues to be a talking point for all IT professional and, Call IT Service has dedicated a lot of time and resources into protecting our clients from the threats that are out there.
It’s one thing to put measures in place to protect your organization, but whether accidental or intentional most cyber-attacks are the result of some internal action. Considering that some insider breaches can go undetected for weeks, months and in some cases years here are some tips for IT security professional to minimize the damage caused by such incidence.
- Even if it’s just and individual, a DEDICATED TEAM is essential to your organizations security success. The team must have documented procedures for preventing, detecting and handling incidents that may occur, the documentation should not be a foreign article to any person who is on this team. This team must also be provided with articles that keep them up to date with the latest cyber-security threats and trends.
- If you are in an organization that frequently hires interns and contractual staff, be sure to always CREATE TEMPORARY ACCOUNTS for these individuals, which expire according to the employee’s contractual agreement. You can always extend the expiry date if required.
- Make sure there are no UNUSED ACCOUNTS on your network, that can be exploited, a simple DSQUERY command on a Windows Active Domain Controller will do the trick to search for accounts that have not been used in a specifies time frame.
- HR and Employee managers should be in direct contact with IT when an employee departs an organization. MAKE SURE THAT THE ACCOUNTS OF STAFF THAT HAVE LEFT ARE TERMINATED OR DISABLES AS SOON AS POSSIBLE, from when the individual leaves the organization. It is best practice for IT to informed in advance of when an employee’s contract is about to terminated.
- If possible, you should try and identify DISGRUNTLED STAFF MEMBERS to either monitor or limit their access. Some employees fueled by vengeance could be encouraged to steal and sell data to your organizations competitors. In the event where the employee’s unhappiness can be alleviated it would be prudent to try and do so, for the sake of improving the situation.
- Often described by “something you have and something you know”, TWO-FACTOR AUTHENTICATION is another step you can take to improve network security. The most common example would be to use as RSA token which displays a rotating sequence of numbers that consist of an authentication code, like banks OTP system or apples use of this system when signing into your apple ID from a foreign device. If the individual has the password but not the OTP or security token they will be blocked at the gate.
- This step is straight forward, I think, ENCRYPT YOUR DATA whether at rest or in transit. Make sure you use the right technology for the type of data that needs to be encrypted, ensuring that if someone steals a hard drive or is capturing traffic they will not be able to get to the data involved.
- There are a few third party applications that can assist in managing and reducing insider risks to your organization. In the ICIT report two key areas that can help reduce the risk. Applications like tripwire are really good at acting as an identity access management solution, helping MANGE THE PROVISIONING &DE-PROVISIONING OF IDENTITIES, access, and privileges, and assist in managing the authentication and authorization of individual users within or across system and enterprise boundaries.
- In taking into account the above suggestions do not forget to GUARD YOUR PERIMETER. IT security is a complex subject for many organizations with a-lot of moving parts, you don’t only need to guard against internal risk but it is imperative that you focus your security initiative energy on all external-facing devices as well.
- It Security can be a very expensive exercise so it is important to NOT SEE IT AS INSURANCE, other wise the temptation to remove it will be very high especially when times are tough and budget cuts need to occur. IT security is an investment, like you need to invest in the police, because when you need them they must be there. Best IT practice in IT security can reduce scrutiny from auditors for certain institutions. We must never forget that a proper investment will help prevent much larger costs down the line, such as lost revenue due to data breach or data loss.
As the security threat continues to evolve it is not only the responsibility of the IT department to make sure the organization stays secure, it needs to be a team effort from all the major stake holders within the organization, because when things go wrong it’s not only the IT department that gets affected.