First Line of Defense: Best Security Practices for Users

Hi all,

if you know us (if you don’t, this is a perfect time to catch up), you should know that SecludIT is mostly committed on building a great and cuttind-edge vulnerability scanner.

Today we want to put emphasis on something that is often underrated when talking about security: user awareness. Indeed, our vision is that it’s useless to spend thousands of euros for cutting-edge security products and military-grade encryption if you, or your employees, don’t apply basic security principles. We all know that perfect security doesn’t exist, but you can get really close to it thanks to the combination of multiple lines of defense.

First line of Defense

The first line of defense is basic security practices that all your employees should wisely apply in order to prevent simple yet very harmful attacks (e.g. phishing). Also, we have observed that often administrators tend to focus only on the security of servers, mistakenly considering workstations as a second-class citizen in the world of security. However, what happens if a workstation gets hacked and sensitive documents are stolen from it?

CredentialsLaptop

On the other hand, your last line of defense is advanced security tools such as antivirus, antispam, web application firewall, IDS/IPS, SIEM, vulnerability scanners and so on. Without a proper user training on security, employing cutting-edge security solutions cannot fully protect your company from external threats. The goal isn’t to make users suffer from security paranoia, but it’s important they understand that security is a concern.

Best Security Practices

This being said, let’s have a quick tour of the main security practices that you teach your employees about:

  • Do not click random links: To avoid viruses, phishing and other threats via email or instant messaging, think before you click; if you have a doubt, ask your administrator before clicking. Are you an administrator and wanto to find out how many of your employees would be victims of a phishing attack? Check this tool out!
  • Beware of email or attachments from unknown people: Never open an attachment you weren’t expecting or can’t identify, and if you do not know the sender, just delete the message without even reading it;
  • Do not download unfamiliar software off the Internet: many free programs publicly available on the Internet contains spyware and other kinds of malicious software. Installing any of these programs can severely damage your operating system, waste resources, generate pop-up ads, and steal personal information. Get software from reputable sources such as official app stores;
  • Log out of or lock your computer when stepping away, even for a moment: Forgetting to log out leaves your account open to abuse and gives everyone around a possibility for doing malicious stuff on your behalf or simply destroy your data. Just remember to log out of or lock your computer whenever you leave it, it takes 2 seconds;
  • Remove unnecessary programs from your computer: Uninstall any software and services you don’t need. If you aren’t sure, ask the administrator;
  • Enable remote access only when necessary: Remote access tools (such as SSH or RDP) are great but introduce an additional attack surface. Therefore you should enable it only when you really need it;
  • Remove data securely: Maybe this is a bit too advanced but if you want to make sure that your data are really removed, you should use tools for secure data deletion. Indeed, simply deleting sensitive files isn’t enough, as it doesn’t eliminate the possibility of recovering files by accessing the hard disk. You can avoid that by using free software such as http://eraser.heidi.ie/.
  • Don’t send sensitive information in clear via email: when it comes to sending sensitive information via email, please use tools like PGP or more generally public key cryptography. Nowadays there are plenty of tools which make the integration with your favorite email client extremely easy;
  • Changeg your password often: users should change their password at least every 6 months and use strong passwords. Also, passwords shouldn’t be written down (please don’t use a post-it as a password reminder);
  • Keep your software up-to-date: I know, updates can bother sometimes, but they are crucial for keeping your system and your data secure;
  • Consider using an Anti-Virus (AV) software: Anti-virus software should always be installed. Anti-virus software should be configured to update daily. Please, don’t disable your anti-virus to play video-games faster. There are plenty of free yet reliable AV softwares out there, just pick the one you like the most: http://www.pcmag.com/article2/0,2817,2388652,00.asp
  • Web Browsing: Don’t visit suspicious websites, they may lead to virus or spyware infection;
  • Physical Security: This isn’t a software threat but it’s still extremely important. Don’t let anyone without an appropriate authorization access your offices.

disable-remote-desktop-logoff-idle

Shadow IT

In addition to these common security principles, there is a new issue that has recently come up with the advent of smartphones and cloud-based applications. Indeed, nowadays it happens often that employees bring their own devices (mainly smartphones) at work or they access work-related (thus confidential) data when remotely working from home. In a few words, This phenomena is also known as Shadow IT and makes very difficult for administrators to effectively track and keep under control the activity within the enterprise network.

System Administration

Also, there are a few actions that you, as an administrator, should take in order to guarantee the security of your infrastructure:

  • First, never forget to put in place a reliable and solid backup solution and perform backups at least every week. In the real-life there are plenty of examples where a missing backup has destroyed a business.
  • Second, be cautious when using WiFi networks, which are known to be vulnerable to many simple attacks. The risk is even higher when an employee works from home since you have no control over his own domestic network. WiFi “guest” networks can also be dangerous if not properly protected with strong encryption: even though such networks are supposed to be used only by visitors, they may use it to send sensitive information such as confidential documents.

194-lighterside

Conclusion

We hope that you found these indications helpful. Besides, the main take-away is that advances security software like vulnerability scanners are foundamental tools to secure your infrastructure, however it’s up to you, and your users, to do your best to keep it secure.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s