Traditionally, the first two months of the year are chock full of resolutions — to lose a few pounds, to quit smoking or to learn a few dance steps — and computer security is no exception to the rule.
And yet, almost all the good advice, like “Remember to update your antivirus software” is aimed at consumers or end users.
What about those who are responsible for a corporation’s network or IT security? What guidelines can we give ourselves to sleep better at night? NETsatori’s security experts identified five tips to help you prevent risks in 2019.
#1 — Hunt down orphan applications
The accelerating pace of business leads to a proliferation of applications for internal or external use, which must be put online ever more quickly. They can fall out of use just as quickly, leaving “orphan software” that nobody uses, with associated access rights that are in theory no longer used, until a malicious person stumbles upon them. Since these applications are no longer on network managers’ radar screens, it is likely that the latest firewall security policies and security patches have not been applied to them.
Make a list of all the decommissioned applications and all access rights that haven’t been used over the past few months and treat your system to a spring cleaning by eliminating everything that isn’t useful.
#2 — Implement a “true” IoT policy
Users often don’t consider connected objects as computer assets, even less as potentially dangerous systems, so these new arrivals are multiplying, immune to all security standards.
Inform users of the risks inherent to IoT and quickly implement a true policy concerning connected objects, not to prohibit them — which would be a guaranteed failure — but to supervise their deployment, by requiring, for example, that all equipment be validated as compliant with the 802.1X standard before it can access the corporate network.
#3 — Integrate AI in security systems
The logistical and financial means at the disposal of cybercriminals have exploded in recent years and must not be underestimated. On the other hand, it is difficult to find expert security resources, and budgets in this area are tight, as for all aspects of a corporation’s finances.
A promising part of the solution resides in a collective intelligence, comprised of both humans and machines, to help counter new risks facing our organizations!
Identify, if this hasn’t already been done, the systems that could benefit from artificial intelligence. If AI is already being used internally to secure the network, quickly upgrade to the next level by integrating new generations of AI.
#4 — Change the culture regarding passwords
Save for some exceptions, all access to applications and corporate networks is monitored by a password management system that meets minimal security standards, and is sometimes more rigid, with planned updates or signatures to avoid repetitions.
But though the motto “Too much security is almost as bad as too little security” continues to be popular, it underlines a basic misunderstanding between security managers and users and, more importantly, the inability to convince users of the importance of security and its simplest expression: the password.
Though most corporate security systems prevent the use of weak passwords, the danger lies elsewhere: in the very simple passwords selected for the personal accounts of users. Hacking these accounts is generally child’s play. Once hacked, they can become the basis of a phishing or intrusion scenario. We must therefore ensure that individual employees don’t become potential Trojan horses.
Inform users of the importance of security, share the many articles dedicated to the worst passwords, and implement a stronger authentication system using a physical or virtual token (2‑factor authentication).
#5 — Prepare for the worst
Just as Californians don’t wonder if, but when, an earthquake will occur, it is most likely that all major organizations will one day be faced with a major IT catastrophe. This disaster can take the form of a new, particularly malicious virus, of a DDoS attack of unsuspected magnitude or, worse yet, of the paralysis of cloud infrastructures. In any case, the worst can be avoided if one is well prepared.
Validate the redundancy of all critical networks; make sure, once again, that network backups are functioning correctly, and more importantly, that the data systems can be restored in an acceptable timeframe, and make sure that the disaster communication plan is up‑to‑date.