Analecta Cyber Company Blog: April 2018

2018-04-24

Using Network Monitoring to Identify Potential Security Threats

Analecta LLC banner graphic - Using Network Monitoring to Identify Potential Security Threats

Monitoring your network and analyzing critical data sources provides early identification of in-progress attacks and reduces threat damage


Many small and medium-sized businesses (SMBs) operate with only one metric regarding their network: “Is it working?” This falls woefully short of the idea that the organization should know it’s network inside and out. What traffic is typical? What volume is typical? What hosts are most or least active? These are important details that should be recorded to understand the “baseline” of network activity.

2018-04-17

Managing Remote Access Logs: Tracking Authorized Users to Limit Unauthorized Access

Managing Remote Access Logs - Tracking authorized users to limit Unauthorized access - Analecta banner graphics Remote access to systems eases many administrative and employee functional burdens, but comes at a high risk as it can inadvertently provide access to hackers. We discuss how to best detect early adversary activity to your business systems via remote access and review several best practices: out-of-band logging, remote log forwarding and log auditing.

2018-04-10

Security Actions for Each Phase of an Information System Development Life Cycle

Security Actions for Each Phase of an Information System Development Life Cycle Businesses rely on secure information systems to be successful. This raises information security to a vital business function. The best way to ensure data and information systems are protected is to integrate security throughout the entire system development life cycle (SDLC). No matter what SDLC your organization uses, when security is kept at the forefront of the planning process, your company is better positioned to stay ahead of threats and vulnerabilities.

2018-04-01

Data Encryption Compliance with the NIST Cybersecurity Framework

NIST Cybersecurity Framework - data encryption compliance Many businesses today have a compliance obligation to a regulatory agency to ensure customer data stored by the business is protected against confidentiality, integrity or availability breaches. Implementing a data encryption program on all in-house devices helps meet this requirement and can be quick and painless with most modern operating systems. In this article, we discuss the benefits and easy application of encrypting data that resides on your systems, and specifically, how to keep data confidentiality in tact.