Factors such as growing network structures and a mobile workforce mean businesses are challenged with many systems that need to be secured against a growing range of security threats.
Understandably, many companies feel overwhelmed with the burden of covering all aspects of IT security. So what are the security tasks that should be prioritised by businesses to ensure that they are safe?
Below is a six-point checklist to highlight the vital security steps that an organisation should take. The first three points are measures that nearly every company implements, but the final three are often overlooked – either through lack of awareness or as a result of a decision to tolerate a certain level of risk to avoid additional expense.
While an informed assessment of risk and cost is sensible, it can only be made effectively when the potential threats are well understood.
1. The latest virus and firewall protection
Attacks by viruses, worms, Trojans and malicious websites are among the most common causes of data loss for medium-sized companies. The core security requirements dictate frequent virus definition updates on all machines, including mobile devices. It sounds trivial, but it’s becoming increasingly difficult for IT managers to ensure all devices are updated in good time – automated updates with effective monitoring of this process are essential. Firewall rules and firmware need regular review and monitoring as well, to ensure that no vulnerabilities exist that can be exploited by malicious actors.
2. Patch management
It sounds so simple: regularly install the latest patches on all operating systems and software solutions over the entire IT infrastructure. So why is this simple measure one of the most common weak points in companies? Unfortunately, for many IT managers patch management without automated tools has turned into an endless task to cover the growing infrastructure, and missing a patch update on just one machine can create a security hole that exposes the entire infrastructure.
3. Email security
Viruses and malware in inbound emails remain one of the most common attack vectors. It is essential that these are detected and intercepted by an email security and anti-spam software solution. Email security is ideally suited to a cloud-based solution, which has the scale to deal with the largest attacks and benefits from the analysis of millions of emails to offer greater protection.
4. Network security scans
To ensure that no threats have slipped through, the network should be scanned regularly for vulnerabilities, including all virtual environments, mobile devices and network devices. Operating systems and applications should go through security checks that are based on industry standards such as OVAL (Open Vulnerability and Assessment Language) and the SANS 20 Critical Controls. Exposed web applications should be regularly tested for vulnerabilities, as they are often a route to compromise of core business servers.
5. Log data analysis
Many companies don’t even notice, or notice only too late, that they have been a target of cybercrime. Effective security strategies should involve real-time monitoring of log data and the regular analysis of security-related event logs. Only then can critical incidents, suspicious activities and indications of compromise be detected early and corrective measures taken. This involves monitoring policies, access controls and the audit of specific activities and applications (e.g. IDS, IPS, firewalls). These are significant enhancements to the overall security of the network.
6. Mobile device management
Nowadays mobile devices are one of the biggest risks for many companies. Trends such as BYOD make it almost impossible for IT managers to guarantee security without effective tools. A tool to manage mobile devices, no matter who ultimately owns them, is therefore now an integral part of any comprehensive IT support solution. The ability to remotely wipe a lost or stolen device reduces the chance of a significant data breach.
There are many other elements of a comprehensive IT security programme, for example a reliable backup solution, regularly informing employees and raising awareness about security issues, and addressing the human element for robust IT security. However, implementation of the above core security measures can help to ensure that your business will not be an easy target for cybercriminals.
Sourced from Alistair Forbes, LogicNow