The Best Firewall for your Company: Yourself
I have been following the main security news of the last few months, and I am still amazed at how enterprises keep being hit by so many kinds of attacks. When we take the time to analyze these incidents, we can identify the main problem behind almost all of them: a complete lack of strategy, good practices and architecture for cybersecurity.
I don't want to blame the many great security leaders and corporations, because these leaders are constantly working on this kind of awareness; however, the culture they work to implement is not properly followed by employees. In some cases, doing the right thing is something that other levels of the company struggle with and fail to carry forward, and unfortunately some great names in the cybersecurity field will pay the price for this lack of commitment.
The question is: why does it happen? Obviously we are always dealing with attackers who have deep technical knowledge and highly developed social engineering skills. Even when the threat itself is old-fashioned, some users are still caught because of the sophisticated social engineering used to push the attack further.
This is the point where your Information Security Team needs to take responsibility for building awareness among all users in the company, to avoid future security problems, and a complete, well-designed Information Security Program is the way forward. After all, as a security practitioner you have the tools and the knowledge for this.
We can picture it as a place where people feel safe because a wide steel wall surrounds them, keeping out external attacks and theft attempts. Suddenly something happens: that supposedly impregnable place is invaded, and you don't know the root cause. After some investigation you find a tiny hole in that steel wall, which, little by little, gave external attackers the chance to create a big problem and turn your place into a target.
Maybe that's the reality of your company. Even with the best equipment and the best IT and IS professional staff, if you don't have processes, defined responsibilities or environment analysis, you will surely be the next target, sooner or later.
How is your environment built? Are you aware of the flows in your network? Are servers and workstations installed according to the best security practices? Security should be considered at the beginning of any project; it is the key to success and avoids many problems and costs later.
Take the time to create all possible documentation of your environment, assets and processes. Use the concepts of the RACI matrix to keep clear who is responsible for each part of the environment. Below is a link where you can better understand what a RACI matrix is and how it can help you:
Define an access control policy to make sure that only authorized people have access to critical locations and the proper level of access to files and folders.
It's also important to inventory the main Active Directory groups, the ones with access to sensitive documents and information in your network. Each department needs to have an owner who controls who can have access to its information.
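As an added example (not code from the original article), the following PowerShell script turns the two points above into a periodic check: each sensitive group has a documented owner and an approved member list, and the actual Active Directory membership is compared against it so the owner can review anyone who was added without approval. It assumes the RSAT ActiveDirectory module is installed; the group names, owners, accounts and the CSV path are constructed placeholders.

```powershell
# Added example, not from the original article: compare the actual membership of
# sensitive Active Directory groups with the member list each data owner approved.
# Assumes the RSAT ActiveDirectory module is available and that approved lists are
# kept in a CSV with the columns Group,Owner,ApprovedMember (path is a placeholder).
Import-Module ActiveDirectory

$approvedCsv = 'C:\SecurityProgram\approved-group-members.csv'   # placeholder path

# Constructed sample rows in the same shape the CSV would have.
# In production replace this block with:  $approved = Import-Csv -Path $approvedCsv
$approved = @(
    [pscustomobject]@{ Group = 'Finance-Sensitive'; Owner = 'cfo';    ApprovedMember = 'alice' },
    [pscustomobject]@{ Group = 'Finance-Sensitive'; Owner = 'cfo';    ApprovedMember = 'bob'   },
    [pscustomobject]@{ Group = 'HR-Confidential';   Owner = 'hrlead'; ApprovedMember = 'carol' }
)

$report = foreach ($groupName in ($approved.Group | Sort-Object -Unique)) {
    $expected = $approved | Where-Object Group -eq $groupName
    $owner    = ($expected | Select-Object -First 1).Owner

    # -Recursive expands nested groups, so indirect members are reviewed as well
    $actual = Get-ADGroupMember -Identity $groupName -Recursive |
              Where-Object objectClass -eq 'user' |
              Select-Object -ExpandProperty SamAccountName

    # '=>' means the account is in AD but not on the approved list;
    # '<=' means it was approved by the owner but is no longer in the group
    $diff = Compare-Object -ReferenceObject @($expected.ApprovedMember) -DifferenceObject @($actual)
    foreach ($d in $diff) {
        [pscustomobject]@{
            Group   = $groupName
            Owner   = $owner
            Account = $d.InputObject
            Finding = if ($d.SideIndicator -eq '=>') { 'NOT APPROVED - present in AD' }
                      else                           { 'Approved but missing from AD' }
        }
    }
}

# Findings go to each group owner for review; here they are simply displayed
$report | Sort-Object Group, Finding | Format-Table -AutoSize
```

Run it from a host with RSAT as an account that can read group membership, and schedule it so owners receive the differences regularly; an empty report means the directory still matches what the owners signed off on.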
Your company also needs a DLP policy, starting in the Human Resources department. Every employee must sign a confidentiality agreement to prevent leakage of sensitive corporate information. Also take care with external devices and pen drives, which can be used to steal sensitive data. Most companies block all USB storage, allowing it only for authorized people using corporate devices.
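The USB storage restriction mentioned above can be verified, and enforced where the access control policy does not grant an exception, with a script like the following. It is an added example, not code from the original article: it reads the real USBSTOR service key (Start = 4 disables the USB mass storage driver, 3 leaves it available); the list of authorized hosts is a constructed placeholder, and in a real deployment the setting would normally be pushed by Group Policy rather than set per machine.

```powershell
# Added example, not from the original article: audit whether USB mass storage is
# disabled on this Windows host and optionally enforce it. Uses the USBSTOR service
# key: Start = 4 disables the driver, Start = 3 leaves it available (manual start).
# The authorized host list is an assumption of this example; in practice it comes
# from your access control policy.
#Requires -RunAsAdministrator
[CmdletBinding()]
param(
    [switch]$Enforce,
    [string[]]$AuthorizedHosts = @('FIN-LAPTOP-01', 'IT-ADMIN-02')   # constructed placeholder list
)

$usbStorKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'

function Get-UsbStorageState {
    $start = (Get-ItemProperty -Path $usbStorKey -Name Start).Start
    [pscustomobject]@{
        Host       = $env:COMPUTERNAME
        StartValue = $start
        Disabled   = ($start -eq 4)
        Authorized = ($env:COMPUTERNAME -in $AuthorizedHosts)
    }
}

$state = Get-UsbStorageState
if ($state.Authorized) {
    Write-Output "$($state.Host): on the authorized list, USB storage allowed (Start=$($state.StartValue))."
}
elseif ($state.Disabled) {
    Write-Output "$($state.Host): compliant, USB storage driver disabled."
}
else {
    Write-Warning "$($state.Host): USB storage is enabled (Start=$($state.StartValue)) and the host is not authorized."
    if ($Enforce) {
        # Disabling the driver blocks newly inserted USB mass storage devices
        Set-ItemProperty -Path $usbStorKey -Name Start -Value 4 -Type DWord
        Write-Output "$($state.Host): USBSTOR set to disabled."
    }
}
```

Run it without -Enforce from your endpoint management tool to get a compliance picture first; only add -Enforce once the exception list reflects the people and corporate devices the policy actually authorizes.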
Avoid giving users access to their personal email from corporate systems; it is another channel through which data can be stolen.
What is the core business of your company? Which security standards do you need to work with? ISO, PCI, etc. Follow a method that fits your business and go deep into it to guarantee the highest level of security. These are just some points you should follow when creating a security program for your company. There are several others I will discuss here in future opportunities!
That's my first contribution to the Cybrary Op3n Initiative! It was a pleasure to be part of it! I hope to come back here and write more about security!