Simplify Prevention
Investing in prevention measures is the easiest and simplest way to minimise cyber security risks.
Good cyber security prevention measures are simple and cheap. So before investing in an expensive cyber security software solution, follow these simple prevention rules:
Make a daily backup of important data.
A simple backup that works is cheap, simple and effective against many security threats. Having idiot-proof backups is the most valuable weapon against ransomware.
Off-line, incorruptible, and disconnected backups, which cannot be encrypted by the malware, are a key corrective control that stops the malware from encrypting the backed-up data along with your ‘live’ data.
Only give access to information on a need-to-know basis.
Access control limits the risk of information being exposed. If information is classified, make sure that the list of real people who have access is very limited. Note that information is created to be shared, not to remain secret.
If you do not understand or trust your access control system: Do not use it!
If you do not know which real persons have access to your classified information: Red flag!
Make sure you train people regularly on how to handle classified information.
Information that is vital for your organization should be classified using a rating that makes sense. Also do not forget to classify information like:
Configuration parameters.
Software contracts.
Backup procedures.
Remove sensitive information when it is no longer needed. So logs of all sorts of payment information and customer details should only be kept for a limited time.
Eliminate complicated IT management tasks by automation.
Humans make errors. And often random errors. Software scripts used for automation do not make random errors. If an error is found in a configuration script you can fix it. The same error will never occur again.
Patch applications.
Many applications are regularly updated to address security vulnerabilities as they become apparent – quickly and regularly updating (or ‘patching’) the software will remove a key means by which cyber-security attacks are carried out.
Avoid discussing whether a software update is applicable to your situation. Just update your software, since features you do not use can still be used by hackers.
Since software updates can and will fail: Always make sure that you can roll back. So before applying software updates:
Validate that your data is on a safe backup.
Validate that your roll back procedure is working. It is common for good software to have these features built into its update procedure.
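The backup check above can be automated as a gate that runs before any update. The following is an added example, not part of the original page: it assumes backups are gzip-compressed tar archives kept in one directory, each with a `.sha256` digest file written next to it at backup time, and the function name `backup_ok` is hypothetical. It uses GNU `sha256sum`, `find` and `tar`.

```shell
#!/bin/sh
# Added example: pre-update gate. Paths, file layout and names are assumptions.
# backup_ok DIR MAX_AGE_MIN -> 0 only if the newest DIR/*.tar.gz is fresh,
# matches its recorded SHA-256 digest, and restores into a scratch directory.
# Return codes: 1 no backup, 2 too old, 3 digest problem, 4 restore failed.
backup_ok() {
    dir=$1; max_age_min=$2
    newest=$(ls -t "$dir"/*.tar.gz 2>/dev/null | head -n 1)
    [ -n "$newest" ] || { echo "FAIL: no backup archive in $dir" >&2; return 1; }

    # 1. Freshness: modified within the last max_age_min minutes.
    if [ -z "$(find "$newest" -mmin "-$max_age_min")" ]; then
        echo "FAIL: $newest is older than $max_age_min minutes" >&2; return 2
    fi

    # 2. Integrity: digest must match the one recorded at backup time.
    [ -f "$newest.sha256" ] || { echo "FAIL: no recorded digest" >&2; return 3; }
    want=$(cut -d' ' -f1 "$newest.sha256")
    have=$(sha256sum "$newest" | cut -d' ' -f1)
    [ "$want" = "$have" ] || { echo "FAIL: digest mismatch" >&2; return 3; }

    # 3. Restorability: actually extract it, do not just trust the file.
    scratch=$(mktemp -d) || return 4
    if ! tar -xzf "$newest" -C "$scratch" 2>/dev/null ||
       [ -z "$(find "$scratch" -type f | head -n 1)" ]; then
        rm -rf "$scratch"; echo "FAIL: test restore failed" >&2; return 4
    fi
    rm -rf "$scratch"
    echo "OK: $newest"
}
```

Run it as `backup_ok /path/to/backups 1440 && <your update command>` so the update only starts when a backup from the last 24 hours has passed all three checks.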
Patch operating systems.
As with applications, security weaknesses are often discovered in operating systems. Again, quickly and regularly updating the operating system defends against most cyber-security attacks. The WannaCry attack in 2017, for example, took advantage of a vulnerability that had been patched for nearly two months.
Restrict administrative privileges.
Microsoft Windows is intended to be easy to use, and often users have free rein of the computer. However, administrator privileges should only be provided on an as-needed basis, as otherwise exploits have the ‘keys to the kingdom’ and can corrupt the computer itself.
Limiting administrative privileges is also a must on Unix-based systems, appliances and network devices. Software SHOULD never have to use a high privilege account to run.
Prevent untrusted code from being run.
So use MAC (mandatory access control). Despite the many technologies like sandboxing, the most important and simple measure is: to think! Be aware of attachments and downloads from strangers.