7 must-have technical security controls for any budget
by Andy Hubbard - Senior Security Consultant for Neohapsis - Monday, 11 November 2013.
Prioritizing items on a security budget can be difficult. Here are seven key technical controls every IT shop should include in a security budget.

1. Perimeter defenses

Perimeter defenses remain a cornerstone of most organizations’ technical security controls. Perimeter defenses protect against both directed and opportunistic attacks by controlling access to corporate assets and services and access to external resources (by internal users). Even if an organization intends to move significant portions of its published services to the cloud, perimeter defenses are necessary for controlling interactions between assets that remain under the control of the organization.

Consider the advances offered by most modern firewalls (unified threat management, next generation firewalls, and integrated threat monitoring). Significant advances have also been made in firewall maintenance, management and migration tools, making it easier than ever to build new solutions or replace aging ones. Logging, alerting and reporting features are more advanced and make it easier for technology personnel to report meaningful information to senior management. Several products are now available that make it possible for even small-to-medium businesses to consider implementing firewalls for internal networks as well.

2. Secure build

Published technical and security standards underscore why secure builds are required and why end-users or admins should not modify required security settings. This is a critical consideration for those moving to cloud solutions, especially IaaS (Infrastructure) or PaaS (Platform) cloud offerings. Beyond a standard image, a secure build focuses on security configurations specific to the type of host (server or workstation) and the services or function necessary for its use.

Dedicated-use hosts should have specific secure build requirements. These should be documented and maintained as part of a standard change management and change control process. Maintenance of a secure build must be supported by the build process. It is best practice to integrate as much centralized control as possible into the secure build process. This includes patch management, inventory management, and log monitoring and centralization. Again, if an organization is moving to cloud-based solutions, there should be a plan in place for dealing with the secure build and build maintenance process.

3. Spam and email content control

Phishing and spear-phishing attacks are among the quickest and easiest ways to compromise an otherwise secure environment. Spam still accounts for around 70% of most companies’ email traffic. Even with perimeter defenses, patch management and build processes, end-user interaction with messaging systems and links to external resources can still expose well-maintained systems. Use of cloud-based solutions may provide some protection (as many have integrated anti-spam solutions), but any user interaction with messaging system-based malware may expose whatever assets that specific user (and their current workstation) has access to.

4. Network segmentation and isolation of critical assets

Many environments still allow interaction with critical systems from virtually anywhere within the organization; this has become a business imperative. Network segmentation helps to control access to critical internal systems from users and applications that have no need to interact with them. Separating critical assets and ensuring that only authorized personnel, systems, or applications can interact with them significantly reduces exposure and the chance of opportunistic attack from insiders.

Network segmentation can also reduce the scope of audit activities (if you can demonstrate effective segmentation controls), which saves time and money.
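
One way to demonstrate segmentation to an auditor is to check an exported rule set against the list of sources authorized to reach each critical segment. The script below is an added example, not part of the original article; the addresses, rule format and function name are constructed for illustration, and it assumes a flat rule list without evaluating rule order.

```python
import ipaddress

# Constructed policy: critical segment -> source networks authorized to reach it.
CRITICAL = {
    "10.50.0.0/24": ["10.10.5.0/28", "10.20.0.10/32"],
}

# Constructed rule set (src, dst, port, action), standing in for a firewall export.
RULES = [
    ("10.10.5.0/28", "10.50.0.0/24", 1433, "allow"),   # authorized admin subnet
    ("10.0.0.0/8", "10.50.0.0/24", 1433, "allow"),     # far broader than authorized
    ("10.30.0.0/16", "10.50.0.20/32", 3389, "allow"),  # user LAN to one critical host
    ("10.30.0.0/16", "10.60.0.0/24", 443, "allow"),    # destination is not critical
    ("0.0.0.0/0", "10.50.0.0/24", 0, "deny"),          # default deny for the segment
]

def audit_segmentation(rules, critical):
    """Return allow rules that expose a critical segment to unauthorized sources."""
    findings = []
    for src, dst, port, action in rules:
        if action != "allow":
            continue
        src_net = ipaddress.ip_network(src)
        dst_net = ipaddress.ip_network(dst)
        for segment, allowed in critical.items():
            # Only rules whose destination touches the critical segment matter.
            if not dst_net.overlaps(ipaddress.ip_network(segment)):
                continue
            allowed_nets = [ipaddress.ip_network(a) for a in allowed]
            # Acceptable only if the whole source range sits inside an
            # authorized network; a wider source also admits other hosts.
            if not any(src_net.subnet_of(a) for a in allowed_nets):
                findings.append((src, dst, port, segment))
    return findings

if __name__ == "__main__":
    for src, dst, port, seg in audit_segmentation(RULES, CRITICAL):
        print(f"REVIEW: {src} -> {dst}:{port} reaches critical segment {seg}")
```

An empty result for every critical segment is the kind of evidence that supports reducing audit scope; each finding is a rule to tighten or justify.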
