Top tips to guard against Stuxnet

There is much that security professionals can learn from Stuxnet, says Adrian Davis, principal research analyst at ISF for the Stuxnet Think Tank. The malware should have sounded a call to action on several fronts.

There is much that security professionals can learn from Stuxnet, says Adrian Davis, principal research analyst at ISF for the Stuxnet Think Tank. The malware should have sounded a call to action on several fronts.

First, says Davis, IT managers should ensure all laptops, servers, desktops, multifunction devices and process control systems are configured correctly and securely.

Second, never allow anything on the network to connect directly to the internet. “Route all traffic through your firewalls and demilitarised zone [DMZ],” says Davis.

“If there are devices that need to connect directly, don’t put them on your network or put them behind a firewall. Control connections to devices using VPN access, and consider physical or logical segregation of your networks.”

Third, where possible, disable the use of USB devices, says Davis. “If you have to use USB sticks to transfer data or updates, consider using dedicated USB devices.”

This was last published in November 2010

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close