Jacob J. Walker's Blog

Scholarly Thoughts, Research, and Journalism for Informal Peer Review

The 10+ Cyber Security Practices all Businesses and other Organizations Should Have In Place

I have recently been reading several sets of “immutable laws” of security, and it is clear that in cyber security, just as in physical security, the locks we place on doors (such as passwords) and the walls we erect will almost always have a way of being broken, or a flaw (a security hole). Thus these should be viewed only as the first line of defense, and every company and organization needs a strong second and third line of defense: active intruder detection, with alarms when an intruder is detected. If these additional lines of defense had been better in place, nearly all of the recent MAJOR hacks might have done far less damage.

I believe that, given the sophistication of the contemporary hacker and the ease with which they can fool us into opening doors we shouldn’t, cyber security within any company or other organization should have at least the following systems in place:

  1. Have regularly updated software, preferably open source, so that more good guys are looking for security holes
  2. Reduce the number of attack vectors through firewalls, and turning off unneeded services
  3. Use multi-knock techniques on remote access to enable openings only in specific circumstances
  4. Encryption should be used throughout the systems (SSH, SSL, etc.)
  5. Strong passwords for all users, keeping user psychology in mind when developing password policies
  6. Multi-factor authentication for all administrators and anyone who has “keys to the kingdom”
  7. Monitoring of logins looking for statistical patterns out of the ordinary, and an automatic alert system
  8. Honeypot logins, such as “admin”, that should never be used and are clearly hacking attempts
  9. Custom programming and modifications of programs to introduce some security by obscurity
  10. Misdirection and obfuscation of data to slow down intruders, and give more time for detection
  11. Honeypot data, that can be part of the misdirection, to show clear hacking attempts
  12. Filter software that detects anomalies in usage patterns, and large scale downloads of sensitive data (snarfing)
  13. War games and ethical hacking should be done on a regular basis to look for potential security holes
  14. Traditional anti-malware & anti-virus software (but don’t expect this to catch a determined hacker)
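
As an added illustration of items 7 and 8 (not code from the original post), the following Python script parses a constructed set of sshd-style auth log lines, raises an alert on any attempt against a tripwire account such as “admin”, and flags a source address whose failed-login count is a statistical outlier relative to the other sources. The honeypot account list beyond “admin” and the outlier threshold are assumptions to be tuned per environment.

```python
import re
import statistics
from collections import Counter

# Constructed sshd-style auth log lines (sample data for this example, not from the post).
SAMPLE_LOG = """\
Oct 1 09:00:01 host sshd[101]: Accepted publickey for alice from 10.0.0.5 port 51000 ssh2
Oct 1 09:00:07 host sshd[102]: Failed password for bob from 10.0.0.7 port 51001 ssh2
Oct 1 09:00:09 host sshd[103]: Accepted password for bob from 10.0.0.7 port 51002 ssh2
Oct 1 09:00:20 host sshd[104]: Accepted publickey for carol from 10.0.0.8 port 51003 ssh2
Oct 1 09:00:31 host sshd[105]: Failed password for dave from 10.0.0.9 port 51004 ssh2
Oct 1 09:01:00 host sshd[106]: Failed password for invalid user admin from 203.0.113.9 port 40000 ssh2
Oct 1 09:01:01 host sshd[107]: Failed password for invalid user root from 203.0.113.9 port 40001 ssh2
Oct 1 09:01:02 host sshd[108]: Failed password for invalid user test from 203.0.113.9 port 40002 ssh2
Oct 1 09:01:03 host sshd[109]: Failed password for bob from 203.0.113.9 port 40003 ssh2
Oct 1 09:01:04 host sshd[110]: Failed password for alice from 203.0.113.9 port 40004 ssh2
Oct 1 09:01:05 host sshd[111]: Failed password for invalid user admin from 203.0.113.9 port 40005 ssh2
"""

# Accounts that exist only as tripwires; "admin" is the post's example, the rest are assumed.
HONEYPOT_ACCOUNTS = {"admin", "test", "guest"}

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) \w+ for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port"
)

def parse_events(log_text):
    """Yield (result, user, src) for each recognised auth line; unknown lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.group("result"), m.group("user"), m.group("src")

def honeypot_alerts(events):
    """Any attempt against a tripwire account is an alert, whether it succeeded or failed."""
    return [(src, user) for _, user, src in events if user in HONEYPOT_ACCOUNTS]

def anomalous_sources(events, threshold=3.5):
    """Flag sources whose failure count is far above the median, scaled by the MAD (assumed threshold)."""
    failures = Counter()
    for result, _, src in events:
        failures.setdefault(src, 0)          # every source counts toward the baseline, even with 0 failures
        if result == "Failed":
            failures[src] += 1
    counts = list(failures.values())
    median = statistics.median(counts)
    mad = max(statistics.median(abs(c - median) for c in counts), 1.0)  # floor avoids division by zero
    return {src: round((n - median) / mad, 2)
            for src, n in failures.items() if (n - median) / mad > threshold}

def alerts_for(log_text):
    """Run both detections over a log and return the alerts that should page someone."""
    events = list(parse_events(log_text))
    return {"honeypot": honeypot_alerts(events), "anomalous": anomalous_sources(events)}
```

Run on the sample, the honeypot check fires three times for 203.0.113.9 and the outlier check flags the same address, while the ordinary single failure from 10.0.0.7 stays quiet.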

Basically, what this says is that you still focus on strong walls and doors with strong locks, but you also create a labyrinth inside your systems that is being watched, where you set up booby traps with the things that hackers are likely to go after. While this may seem extreme, the problem is that without such measures it is very likely that a company will be hacked (the bigger the company, the more likely), and in many cases it might not be detected. And that last fact, that there are likely at least 3 times as many major hacks as the news knows of, is very scary indeed. (At least we can have cat pictures like the one I included with this post to make us feel warm and fuzzy in a cloak-and-dagger world.)

Written by Jacob Walker

September 23rd, 2015 at 11:59 am

Posted in Security
