Best Practices for Cyber Security - IT Infrastructure
Cyber Security Best Practices


Identifying critical information infrastructure is the first step in securing and protecting the availability of critical assets.

Everyone wishes their organization could be more secure. With the number of hackers, insider threats and other threats to your cyber security out there, you can always find a new security practice to enact.

For this post, we're not telling you about encrypting data or putting up firewalls. We’ll assume you already have those implemented. These best practices for 2016 are items you may not have considered, but definitely should. Take a look at the list and see if any of these best practices for cyber security have gotten lost as you consider your Insider Threat planning this year:

Monitor Applications with Access to Data :

Applications are great. They give your business the tools it needs to function and be productive. But they also put your sensitive data at risk. When IT security attempts to protect critical information, it usually involves putting up firewalls and building your infrastructure around the data you want to protect. Then you give applications access to this data. When hackers look to steal your data, they won’t try to hammer their way through your firewall; they’ll look for the least secure system with access to the data they need.

Create Specific Access Controls :

Once your IT network is secure, you need to be very careful about whom you give the keys to the kingdom. Ideally, it shouldn’t be anyone. By creating specific access controls for all of your users, you can limit their access to only the systems they need for their tasks and limit your sensitive data’s exposure.

Collect Detailed Logs :

For a complete record of what goes on in your systems – both for security and troubleshooting purposes – you should collect detailed logs and report data. This is especially the case for applications that don’t have internal logging. By adding tools that can log the activities of these applications you will be able to plug any security holes those applications may create.

Keep Security Patches up to Date :

It is a no-brainer to keep your anti-virus up to date. However, many companies for some reason have trouble wrapping their heads around the concept of keeping all software updated. Most organizations use legacy software and older versions without realizing that these often have critical vulnerabilities that attackers can use to easily get access to sensitive data or infrastructure.

When cyber-criminals are constantly inventing new techniques and looking for new vulnerabilities, an optimized security network is only optimized for so long.

To keep your network protected, make sure your browsers, software and hardware are up to date with any new antimalware signatures or patches.

Take steps to combat spam :

With the rise of ransomware and other types of viruses spreading through email, employing counter-measures against spam quickly became one of the most important cyber security best practices in 2016. Malicious software sent via email can be very dangerous when it lands in the inbox of an uneducated employee. It is important not only to set up an automatic spam filter properly, but also to educate your employees on the danger of clicking unfamiliar links.

Beware of Social Engineering :

All of the technical IT security you implement can’t take the place of common sense or prevent human error. Social engineering tactics have been used successfully for decades to gain login information and access to encrypted files.

One company suffered a major breach when a hacker called an employee, pretending to be the IT department, and was able to get the employee’s log-in information. Attempts like this one may come by phone, email or other communication with your users. The best defense is to…

Educate and Train Your Users :

No matter how gifted, your users will always be your weakest link when it comes to information security. That doesn’t mean you can’t limit this risk through regularly educating your users on cyber security best practices. This training should include how to recognize a phishing email, how to create strong passwords, avoiding dangerous applications, taking information out of the company, and any other relevant user security risks.

Maintain effective security policy :

A security policy is the backbone of your protection and should serve to establish and formalize security procedures inside your organization. Not every company has a security policy, and even those that do frequently fail to enforce it effectively. Employees are quick to sacrifice security guidelines for convenience if they are not properly enforced. Enforcement needs to start with upper management and move down, ensuring that every employee is aware of the policy.

Outline Clear Use Policies for New Employees and Vendors :

To strengthen and clarify the education you give your users, you should clearly outline the requirements and expectations your company has in regards to IT security when you first hire them. Make sure employment contracts and SLAs have sections that clearly define these security requirements.

Manage third-party vendors :

Opening access to sensitive data and company infrastructure to third-party vendors raises the risk of data loss and security breaches. It is important to establish strong security policies when dealing with third-party vendors and subcontractors. All the necessary procedures, such as storing and deleting data and providing and terminating third-party access to your system, should be established in the contract. When opening access to your data and network resources from a remote location, make sure to follow best practices for network security, such as using protected connections and encrypted data transfer protocols. You may also want to establish user activity monitoring for third-party vendors working directly with sensitive data or critical configurations.

Be wary of USB devices / USB Blocking :

The flexibility of USB devices has made them very popular in business environments. What is easier for transporting a large number of files than a small USB thumb stick or external hard drive? However, such devices pose a major security vulnerability. They can be used to easily spread malware or steal critical data. Control and monitoring of USB devices is among data security best practices. You should definitely consider using an automated USB detection and blocking tool, or a more sophisticated dedicated solution.

User Activity Monitoring :

Trust but verify. While well trained users can be your security front line, you still need technology as your last line of defense. User Activity Monitoring allows you to monitor users to verify that their actions meet good security practices. If a malicious outsider gains access to their log-in information – or if an insider chooses to take advantage of their system access – you will be immediately notified of the suspicious activity.

Disable access on termination :

Companies often do not bother deleting login information of former employees. As a result, ex-employees retain their access to company systems, allowing them to commit malicious actions, such as data theft. It is important to disable access of former employees immediately upon termination.
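One way to check for the gap described above, shown as an added example that is not part of the original post: reconcile an HR roster against an export of accounts and flag anything still usable, or actually used, after the owner left. The record fields, user names and the `audit_offboarding` helper are hypothetical, and all sample records are constructed.

```python
from datetime import date

# Constructed sample data: HR roster keyed by user name, plus per-system accounts.
HR_ROSTER = {
    "asmith": {"terminated": date(2016, 3, 1)},
    "bjones": {"terminated": None},  # still employed
    "cwong": {"terminated": date(2016, 5, 15)},
    "dpatel": {"terminated": date(2016, 6, 30)},
}
ACCOUNTS = [
    {"user": "asmith", "system": "vpn", "enabled": True, "last_login": date(2016, 4, 2)},
    {"user": "asmith", "system": "mail", "enabled": False, "last_login": date(2016, 2, 27)},
    {"user": "bjones", "system": "vpn", "enabled": True, "last_login": date(2016, 7, 1)},
    {"user": "cwong", "system": "crm", "enabled": True, "last_login": date(2016, 5, 10)},
    {"user": "dpatel", "system": "mail", "enabled": False, "last_login": date(2016, 7, 4)},
    {"user": "svc_backup", "system": "crm", "enabled": True, "last_login": date(2016, 7, 1)},
]

def audit_offboarding(roster, accounts):
    """Return (user, system, finding) tuples for accounts that outlived their owner."""
    findings = []
    for acct in accounts:
        user, system = acct["user"], acct["system"]
        record = roster.get(user)
        if record is None:
            # No HR record at all: an enabled account nobody is accountable for.
            if acct["enabled"]:
                findings.append((user, system, "no_hr_owner"))
            continue
        left = record["terminated"]
        if left is None:
            continue  # current employee, nothing to check here
        last = acct["last_login"]
        if last is not None and last > left:
            # Worst case: the account was used after the owner left,
            # even if it has since been disabled.
            findings.append((user, system, "login_after_termination"))
        elif acct["enabled"]:
            findings.append((user, system, "enabled_after_termination"))
    return findings

if __name__ == "__main__":
    for user, system, finding in audit_offboarding(HR_ROSTER, ACCOUNTS):
        print(f"{finding:26} {user}@{system}")
```

Run on a schedule, a report like this also surfaces accounts that were disabled late, which is the evidence an incident responder needs when a former employee's credentials turn up in use.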

Create a Data Breach Response Plan :

No matter how well you follow these best practices, you might get breached. In fact, nearly half of organizations suffered a security incident in the past year. If you do, having a response plan laid out ahead of time will allow you to close any vulnerabilities and limit the damage the breach can do.

Develop incident response strategies :

It is important to realize that cyber-attacks and security breaches happen to everybody. Regardless of the strength of your defenses, it is always a matter of “when”, not “if”. And when the incident eventually happens, you need to know exactly what to do. It is important to understand the types and directions of attack your company is most likely to face and to develop appropriate incident response strategies in advance. This will greatly reduce your response time and costs in the long run.

Maintain Compliance :

Hopefully these best practices are a useful guideline for keeping your business safe, but you do have another set of guidelines available to you. Compliance-based security requirements such as HIPAA, HITECH, NIST, ENISA, GLBA, FISMA, PCI DSS and ISO offer standards for how your business should conduct its security based on your business requirements. More than a hassle for which you need to prepare audit logs, compliance can help guide your business.


