Analecta Cyber Company Blog: New Year's Resolutions for Cybersecurity Best Practices

2018-12-31

New Year's Resolutions for Cybersecurity Best Practices

After the ball has dropped and all of the confetti has been cleaned up, there’s only one more thing to do - jump into 2019 with a renewed focus on cybersecurity by adopting the following New Year’s resolutions!

Adopt the Principle of Least Privilege (PoLP)


Privileged-account compromises are an easy win for hackers. Having gained access to an account that has too many privileges, they are off wreaking havoc through your network. A great way to prevent this is to implement the Principle of Least Privilege.
  1. Have administrators log in with their non-admin user credentials (e.g., jane.doe@company.com) for normal user tasks.
  2. Have these admins use their higher-privileged credentials (e.g., jane.doe.admin@company.com) to perform administrative functions.
  3. At no time should admins log in directly to any system with the administrative user credentials.
For a detailed look at where to get started, check out our article on Using the Principle of Least Privilege.

Multi-factor authentication (MFA)


You have probably already used multi-factor authentication (MFA, or 2-factor authentication) in some form. MFA secures your systems by requiring more than one method of authentication, drawn from independent categories of credentials, to verify the user’s identity for a login or other transaction. It could be a combination of something you know (a password), something you have (a secure token or a code received by SMS text), or something you are (your fingerprint).

NIST highly recommends using MFA whenever possible, but it is essential when it comes to protecting your most sensitive data. Start the New Year right and enable MFA today!

Network baseline and anomaly detection


Anomaly detection is a technique used to identify unusual patterns (or outliers) that do not conform to expected behavior. It has applications in many fields, including:
  • Intrusion detection: identifying strange patterns in network traffic that could signal a hack
  • System health monitoring: spotting a malignant tumor in an MRI scan
  • Scientific investigations: monitoring galaxies for the appearance of a supernova
  • Fraud detection: unexpected credit card transactions or cash withdrawals
  • Fault detection: operating environment anomalies including critical infrastructure
Monitor key applications and set alerts when one runs in an unexpected department, such as PowerShell running in the Accounting Department (see article below). Activity like this could indicate a potential security issue. For more information, check out our article on network monitoring!
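
The PowerShell-in-Accounting alert described above, sketched as an added example (not Analecta's own code): it learns which processes each department normally runs and flags process starts that fall outside that baseline. The log format, host names, function names and the `min_hosts` threshold are assumptions, and all records are constructed.

```python
import csv
import io
from collections import defaultdict

FIELDS = ("timestamp", "host", "department", "process")
# Constructed sample records (not real logs): process starts seen in December.
BASELINE_LOG = """\
2018-12-03T09:01:12,acct-01,Accounting,excel.exe
2018-12-03T09:02:40,acct-02,Accounting,excel.exe
2018-12-03T09:05:03,acct-01,Accounting,outlook.exe
2018-12-03T09:10:21,it-01,IT,powershell.exe
2018-12-03T09:11:02,it-02,IT,powershell.exe
2018-12-03T09:15:30,it-01,IT,outlook.exe
"""
# Constructed sample records to check against the baseline.
NEW_LOG = """\
2019-01-02T08:58:10,acct-01,Accounting,excel.exe
2019-01-02T09:03:44,acct-02,Accounting,PowerShell.exe
2019-01-02T09:04:10,it-01,IT,powershell.exe
2019-01-02T09:20:00,it-02,IT,excel.exe
"""


def parse(log_text):
    """Yield one dict per record, with the process name lower-cased."""
    for row in csv.DictReader(io.StringIO(log_text), fieldnames=FIELDS):
        row["process"] = row["process"].strip().lower()
        yield row


def build_baseline(events):
    """Map department -> process -> set of hosts that ran it."""
    seen = defaultdict(lambda: defaultdict(set))
    for e in events:
        seen[e["department"]][e["process"]].add(e["host"])
    return seen


def find_anomalies(baseline, events, min_hosts=1, watchlist=None):
    """Return events whose process ran on fewer than min_hosts baseline
    hosts in that department; watchlist limits alerts to named processes."""
    alerts = []
    for e in events:
        if watchlist is not None and e["process"] not in watchlist:
            continue
        hosts = baseline.get(e["department"], {}).get(e["process"], set())
        if len(hosts) < min_hosts:
            alerts.append(e)
    return alerts
```

Calling `find_anomalies(build_baseline(parse(BASELINE_LOG)), parse(NEW_LOG))` flags PowerShell on acct-02 and Excel on it-02; passing `watchlist={"powershell.exe"}` narrows the alerts to the PowerShell case only.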

Analecta Recommends...

Singing the Blues: Taking Down an Insider Threat

Enjoy this humorous, nail-biting adventure of an insider-threat-for-hire, how far they got and what got them caught!


Defense in depth


"Defense in depth" is a security approach where you layer security measures so that a hacker would have to overcome each barrier and be delayed in accessing your data. NIST recommends that your defense-in-depth strategy contain many layers of security and integrate people, technology and operations capabilities across multiple missions of the organization to achieve this protection.

Firewalls and network intrusion detection systems have their places in the defense-in-depth structure, but a well-trained workforce adds another safeguard that can protect your company from malicious code coming in through emails or web applications. For your employees to be effective, be sure to take time to put security on everyone’s mind at the start of the new year. Emphasizing the topic right after employees come back from the holidays will start the new year off right!

Analecta Cyber wishes you and your families a happy and “cybersecure” New Year! For more tips on cybersecurity or if you have specific questions, send us an email anytime!

Analecta Cyber is a Maryland-based cybersecurity firm providing cyber risk assessments for small and medium sized businesses. Analecta is a trusted partner to help companies achieve their cybersecurity objectives. Email us at info@analecta-llc.com or visit our Cybersecurity website.
