+27 11 475 2407 info@aves.co.za

5 Quick Wins for your IT Security system

by | 3 Feb 2016 | Thought Leadership

}

2 mins

With an increasing trend of overworked employees¹, we know that your time is valuable. That is why we thought to bring you the first five quick wins that you as an IT professional can easily implement in your organisation to proactively reduce the risk of cyber attacks. These fundamental cyber defence tactics provide the greatest risk reduction and protection against the most dangerous threat actors.²

1. Whitelist applications

on each type of business system, including servers, workstations, laptops and other mobile devices. Application whitelisting technology can be used to only allow authorised software to run, whether the software is commercial or custom-built.

2. Use standard, secure system configurations

that represent hardened versions of the underlying operating system and installed applications. Validate and refresh these images on a regular basis to update their security configurations and thereby protecting the system against recently discovered vulnerabilities and attack vectors.

3. Patch application software within 48 hours.

These processes can be usually automated easily with the specific vendor’s technology. When the application can no longer be patched, update the software to its latest version. And lastly, schedule at least annual system checks to remove outdated or unused software as the applications may become easy access points if left untouched on the system.

4. Patch system software within 48 hours.

As with application software, effective patch management is the most important security tool you have at your disposal. Run SCAP-validated vulnerability scanners on your network at least once a week to detect and prioritise critical vulnerabilities on two levels: code-based vulnerabilities, and configuration-based vulnerabilities.

 

5. Reduce the number of users with administrative privileges

to only those who have the knowledge and business need to modify the configuration of the underlying system. This will help prevent installation of unauthorised software and other abuses of administrator privileges. Combine this with frequent audits of how administrative privileged functions are used and if any anomalous behaviour exists for maximum effect.

Do you like this article? Sign up to receive updates of new articles like these straight in your email inbox >>

Pin It on Pinterest

Share This