Infosec 2009: Top tips for a safer 2009


Limit access to those who need it

In SMBs, employees are given full privileges and access to the network or devices that they do not need to do their job. This is simply asking for trouble: whilst it is likely that your employees are honest, trustworthy people, as the IT administrator responsible for network security you cannot take that risk, just in case.

Control the use of portable devices

Endpoint security is another issue based on too much trust. Insider threats can be the most harmful and the least likely to be protected against. Network activity should be monitored and the use of portable devices such as iPods and USB sticks forbidden as it is too easy for a disgruntled employee to steal confidential data undetected.

Limit Internet browsing

End users often fail to appreciate the threats that they are exposed to on the Internet, so limit their browsing capabilities so as not to allow threats to infiltrate the network. The problems often lie with social networking sites whereby malicious links can be sent from a 'friend's' hacked account.

Carry out regular audits on the network

Regular audits may be very tedious and time-consuming, but when it comes to network security, this is definitely a step that should not be skipped. Regular audits let you know what materials are available on the network, whilst log analysis allows you to better understand the way that resources are being used and how to improve their management.

Ensure that systems are secure before connecting them to the Internet

Before any computer is connected to an Ethernet cable or telephone line, anti-virus and anti-spam software must be installed, as well as a program that blocks malicious software installations, and then kept fully updated. Operating systems are prone to security holes and once a flaw is detected, it is usually exploited quickly. Up-to-date security scanners ensure that the latest malicious software is detected immediately, so that the appropriate patches can be downloaded.

Eliminate default accounts/passwords

It may seem basic, but leaving the default account name and password on test systems, as is commonly done, lets hackers infiltrate the network very easily. Names and passwords should be changed immediately upon connection to the network to avoid hacking.

Always authenticate callers

Authenticating callers might seem like a redundant process for administrators when they can recognise the voice of the caller. However, giving out password changes or other confidential information over the phone without following an authentication process could lead to security problems that often cannot be traced back to their point of origin.

Test your disaster recovery plan

Your disaster recovery plan is probably a work of art, but how does it work in practice? Have you actually simulated a disaster situation where your backups need to be used in order to get your systems back up and ensure loss of revenue is kept to a minimum? Planning such a simulation to ensure that the organization can get back on its feet should an emergency occur is a critical step in security. A disaster recovery plan that fails when put into practice is just another disaster!

Don't go it alone

If you work in an SMB then it's likely that you are the entire IT department and whilst you are likely to be perfectly capable of managing, there's no shame in asking for help with the bigger tasks. Setting up the network on your own is a gargantuan task and outside help should be sought if you don't have the experience. Although it may be costly, at least the job is done right the first time round.

David Kelleher is a communications and research analyst at GFI Software. GFI Software is exhibiting at Infosecurity Europe 2009 on 28-30 April 2009 at Earls Court, London.
