Implementing Basic Security Measures
by Mislav Gluscevic - Monday, 14 April 2003.
Provide procedures and mechanisms to ensure the secure configuration of all deployed assets throughout their life cycle of installation, operation, maintenance, and retirement. This means you should apply patches to correct security and functionality problems, and establish a standard, minimal essential configuration for each type of computer and service. Keep your network topology up to date, and provide some level of logging. Before you apply your patches, consider the security implications of every change to systems and networks. Perform vulnerability assessments on a periodic basis, and address vulnerabilities when they are identified. Mandate a regular schedule of backups for both software and data, which means you have to validate software and data before and after backup, and make sure you have the ability to restore from backups.

Authentication & Authorization

Protect critical assets when providing network access to users working remotely and to third parties such as contractors and service providers. You should use network-, system-, file-, and application-level access controls and restrict access to authorized times and tasks, as required. Also, consider using data encryption and virtual private network technologies, where required.

Monitor & Audit

Use appropriate monitoring, auditing, and inspection facilities and assign responsibility for reporting, evaluating, and responding to system and network events and conditions. This means that you regularly use system and network monitoring tools and examine the results they produce; also use filtering and analysis tools and examine the results they produce, and learn how to respond to events that warrant a response action. Also, make sure your employees are aware of whom to contact when they notice suspicious behaviour. Advise your system administrators to stay up to date on the latest threats and attacks, and provide them with resources on solutions to these problems.

Physical Security

Physical security is as important as network security. It is one of the most frequently forgotten forms of security because the issues that physical security encompasses - the threats, practices, and protections available - are different for practically every site. The real danger in having a computer stolen isn't the loss of the system's hardware but the loss of the data that was stored on the computer's disks. As with legal files and financial records, if you don't have a backup - or if the backup is stolen with the computer - the data you have lost may well be irreplaceable. Even if you do have a backup, you will still need to spend valuable time setting up a replacement system. Finally, there is always the chance that the stolen information itself, or even the mere fact that information was stolen, will be used against you. There are several measures that you can take to protect your computer system against physical threats. Many of them will simultaneously protect the system from dangers posed by nature, outsiders, and inside saboteurs. So, we suggest you use physical access controls (e.g., badges, biometrics, keys), where required. Also, use password-controlled electronic locks for workstations, servers, and laptops that are enabled upon login and after specified periods of inactivity. Control access to all your critical hardware assets (e.g., routers, firewalls, servers, mail hubs).

Continuity Planning and Disaster Recovery

By following the tips I mentioned above, I hope your systems or networks will never be stolen or damaged. But if that happens, you should have a plan for immediately securing temporary computer equipment and for loading your backups onto the new systems. This plan is known as disaster recovery. You should establish a plan for rapidly acquiring new equipment in the event of theft, fire, or equipment failure. You should also test this plan by renting (or borrowing) a computer system and trying to restore your backups, as I mentioned before.
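
The advice to validate data before and after backup, and to test the plan by actually restoring, can be checked mechanically. The following is an added example, not part of the original article: it assumes backups are gzip-compressed tar archives, and the names manifest, backup and verify_restore are illustrative, as is the constructed sample data.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path

def manifest(root):
    """Map every file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def backup(src, archive):
    """Validate before backup: record the manifest, then write the archive."""
    before = manifest(src)
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(src, arcname=".")
    return before

def verify_restore(archive, expected):
    """Validate after backup: restore to a scratch directory and compare."""
    # Use the safe extraction filter where this Python version provides it.
    opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(archive) as tar:
            tar.extractall(scratch, **opts)
        restored = manifest(scratch)
    return {
        "missing": sorted(set(expected) - set(restored)),
        "unexpected": sorted(set(restored) - set(expected)),
        "changed": sorted(k for k in set(expected) & set(restored)
                          if expected[k] != restored[k]),
    }

def demo():
    """Constructed sample data: a good backup, then one taken after damage."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "data")
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_text("2003-04-14,100.00\n")
        (src / "contracts.txt").write_text("constructed sample\n")
        expected = backup(src, Path(work, "good.tar.gz"))
        good = verify_restore(Path(work, "good.tar.gz"), expected)
        # Simulate a bad backup: one file altered, one lost before archiving.
        (src / "contracts.txt").write_text("altered\n")
        (src / "finance" / "ledger.csv").unlink()
        backup(src, Path(work, "bad.tar.gz"))
        bad = verify_restore(Path(work, "bad.tar.gz"), expected)
    return good, bad
```

Keep the manifest somewhere other than the backup medium, so that a backup stolen or damaged along with the computer does not take the reference digests with it.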


