By Alistair Forbes, General Manager, LogicNow
Factors such as growing network structures and a mobile workforce mean businesses are challenged with many systems that need to be secured against a growing range of security threats. Understandably, many companies feel overwhelmed with the burden of covering all aspects of IT security. So what are the security tasks that should be prioritised by businesses to ensure that they are safe?
Below is a six-point checklist to highlight the vital security steps that an organisation should take. The first three points are measures that nearly every company implements. The final three points are often overlooked in small and medium businesses, either through lack of awareness or as a result of a decision to tolerate a certain level of risk to avoid additional expense. While an informed assessment of risk and cost is sensible, it can only be made effectively when the potential threats are well understood.
The six-point security check:
- The latest virus and firewall protection: Attacks by virus, worm, Trojan and malicious websites are one of the most common causes of data loss for medium-sized companies. The core security requirements dictate frequent virus definition updates on all machines, including mobile devices. It sounds trivial, but it’s becoming increasingly difficult for IT managers to ensure all devices are updated in good time – automated updates with effective monitoring of this process are essential. Firewall rules and firmware need regular review and monitoring as well, to ensure that no vulnerabilities exist that can be exploited by malicious actors.
- Patch management: It sounds so simple: regularly install the latest patches on all operating systems and software solutions over the entire IT infrastructure. So why is this simple measure one of the most common weak points in companies? Unfortunately, for many IT managers patch management without automated tools has turned into an endless task to cover the growing infrastructure, and missing a patch update on just one machine can create a security hole that exposes the entire infrastructure.
- Email security: Threats from viruses and malware from inbound emails remain one of the most common attack vectors. It is essential that these are detected and intercepted by an email security and anti-spam software solution. Email security is ideally suited to deployment of a cloud-based solution that has the scale to deal with the largest attacks and that millions of emails to offer greater protection.
- Network security scans: In order to ensure that no threats have slipped through, it is recommended to regularly scan the network, including all virtual environments, mobile devices and network devices for vulnerabilities. In this case the operating systems and applications should go through security checks that are based on industry standards such as OVAL (Open Vulnerability and Assessment Language) and SANS 20 Critical Controls. Exposed web applications should be regularly tested for vulnerabilities as they are often a route to compromise of core business servers.
- Log data analysis: Many companies don’t even notice, or notice only too late, they have been a target of cyber crime. Effective security strategies should involve real-time monitoring of log data and the regular analysis of security-related event logs. Only then can critical incidents, suspicious activities and indications of compromise be detected early and corrective measures taken. This involves monitoring policies, access controls and audit of specific activities and applications (e.g. IDS, IPS, firewalls). These are significant enhancements to the overall security of the network.
- Mobile device management: Nowadays mobile devices are one of the biggest risks for many companies. Trends such as BYOD make it almost impossible for IT managers to guarantee security without effective tools. A tool to manage mobile devices, no matter who ultimately owns them, is therefore now an integral part of any comprehensive IT support solution. Remote wiping capability of a lost or stolen device reduces the chance of a significant data breach.
There are many other elements that relate to a comprehensive IT security programme, for example a reliable backup solution, regularly informing employees and raising awareness about security issues and addressing the human element for robust IT security. However, implementation of the above core security measures can help to ensure that your business will not be an easy target for cyber criminals.
