Kevin Hayes, CISSP, CISM, Interim VP of Research & Cybersecurity, Chief Information Security Officer
As fall approaches, so will a fresh onslaught of new cyber attacks aimed at taking down your organization and crippling your ability to provide service. However, you can be an InfoSec Rockstar, defending your systems with style. Here are five quick wins you can implement to ensure that your computers, users, and data stay secure:
(1) Require VPN with Two-Factor (2FA) for *all* non-public external access.
Our internal computer systems are becoming increasingly connected, with almost everything requiring connectivity to the outside world. Unfortunately, attackers know this is the case, so vulnerable services such as Remote Desktop (RDP), Secure Shell (SSH), and private web pages are ripe for exploitation. These services are normally meant to never be exposed to the internet, so make sure to give them a boost and add an extra layer of defense! Require two-factor authentication via a VPN before such services can be used; this way they cannot be anonymously attacked without your knowledge.
(2) Take away administrator rights.
Sorry, we are in the year 2019 and the need for the vast majority of employees to have dangerous administrator rights is long gone. Users with these rights can cause severe and irreparable damage to your computer systems, so limit them to just the special accounts used by IT support staff to troubleshoot and install software for the rest of your organization.
(3) Have non-connected backups.
Ransomware attackers are smart, and know that you likely will not pay any ransom if you can simply restore your computer systems from a backup. Because of this, they will search your network for any connected backup files and destroy them before they start holding you hostage. To combat this, ensure that a weekly backup is kept in a location not accessible through your network – either via a tape drive, a disconnected external hard drive, or a cloud file vaulting service which ensures data cannot be deleted.
(4) Keep that Windows Firewall enabled.
I know it can be tempting to just “turn off the firewall” in Windows to make sure that your applications and services are working, but this is extremely dangerous and leaves all other portions of your server exposed. There are several powerful (and dangerous!) features of Windows that you would never want anybody else on your network to take advantage of, so don’t let them! Windows maintains several “profiles” for you, and you can easily select which profile applies within your network settings.
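As an added example (not from the original article), here is the PowerShell a Windows administrator would run to confirm all three firewall profiles are on, see which profile the current connection falls under, and open only what an application needs instead of disabling the firewall. The application path, port and address range are made-up placeholders.

```powershell
# Added example: keep the Windows Firewall on and scope exceptions, rather than turning it off.
# Run from an elevated PowerShell prompt.

# 1. Show the state of the Domain, Private and Public profiles.
#    Every profile should report Enabled = True and DefaultInboundAction = Block.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

# 2. Re-enable all three profiles and make "block inbound by default" explicit,
#    in case someone "turned off the firewall" to get an application working.
Set-NetFirewallProfile -Profile Domain, Private, Public `
    -Enabled True -DefaultInboundAction Block

# 3. Check which profile the active network connection is using; a server on the
#    corporate LAN that shows "Public" will get the most restrictive rule set.
Get-NetConnectionProfile | Select-Object Name, InterfaceAlias, NetworkCategory

# 4. Instead of disabling the firewall for an application, add one narrowly scoped
#    rule: this program only, this port only, the internal address range only, and
#    only on the Domain profile. (Path, port and range are placeholders.)
New-NetFirewallRule -DisplayName 'ExampleApp (internal clients only)' `
    -Direction Inbound -Action Allow -Profile Domain `
    -Program 'C:\Program Files\ExampleApp\app.exe' `
    -Protocol TCP -LocalPort 8443 -RemoteAddress 10.0.0.0/8

# 5. Log dropped packets so a blocked application can be diagnosed from the log
#    rather than by switching the firewall off.
Set-NetFirewallProfile -Profile Domain, Private, Public `
    -LogBlocked True -LogFileName '%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log'
```

When an application "does not work" behind the firewall, the pfirewall.log entries show the exact port and peer to allow in a rule like the one in step 4.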
(5) Use Application Whitelisting.
Want to know the ultimate secret behind stopping malware and ransomware from crippling your organization? Those bad pieces of software can’t hurt you if your computers literally cannot run them! Whitelisting is a free feature within Windows, and you can configure Group Policy (GPO) to only permit the running of approved software, including all software signed by manufacturers you approve of. It is super flexible, simple to configure, and has personally saved me before during a malware outbreak.
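As an added example (not part of the original article), the AppLocker cmdlets below build the kind of policy described above: publisher rules generated from the software already installed, deployed first in audit mode so the event log shows what would have been blocked before enforcement is switched on. The directory, the LDAP path of the GPO and the test file path are placeholders.

```powershell
# Added example: build an AppLocker whitelist from installed software and roll it
# out in audit mode before enforcing. Run from an elevated PowerShell prompt.

# 1. AppLocker enforcement depends on the Application Identity service. On current
#    Windows builds this service is protected, so sc.exe is used rather than Set-Service.
sc.exe config appidsvc start= auto
Start-Service -Name AppIDSvc

# 2. Inventory the executables you already trust (placeholder directory) and turn
#    them into rules. Signed files get a Publisher rule (the vendor's certificate, so
#    future updates from that vendor keep running); unsigned files fall back to a Hash rule.
$trusted = Get-AppLockerFileInformation -Directory 'C:\Program Files' -Recurse -FileType Exe
$policyXml = New-AppLockerPolicy -FileInformation $trusted `
    -RuleType Publisher, Hash -User Everyone -RuleNamePrefix 'Baseline' -Optimize -Xml

# 3. Start in AuditOnly: nothing is blocked yet, but every file that WOULD have been
#    blocked is written to the AppLocker event log for review.
$policyXml = $policyXml -replace 'EnforcementMode="NotConfigured"', 'EnforcementMode="AuditOnly"'
$policyXml | Out-File -FilePath 'C:\Temp\applocker-audit.xml' -Encoding UTF8

# 4. Dry-run the policy against a specific file (placeholder path) before deploying.
Test-AppLockerPolicy -XmlPolicy 'C:\Temp\applocker-audit.xml' `
    -Path 'C:\Users\Public\Downloads\unknown.exe' -User Everyone |
    Select-Object FilePath, PolicyDecision, MatchingRule

# 5. Deploy through Group Policy (placeholder LDAP path to the GPO) or locally.
# Set-AppLockerPolicy -XmlPolicy 'C:\Temp\applocker-audit.xml' -Merge `
#     -Ldap 'LDAP://DC=example,DC=local/CN={GPO-GUID-PLACEHOLDER},CN=Policies,CN=System,DC=example,DC=local'
Set-AppLockerPolicy -XmlPolicy 'C:\Temp\applocker-audit.xml' -Merge

# 6. After a few days in audit mode, review what would have been stopped
#    (event 8003 = audit "would block"; 8004 = blocked once enforcing).
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'; Id = 8003, 8004 } `
    -MaxEvents 50 | Select-Object TimeCreated, Id, Message
```

Once the 8003 events show only software you genuinely want blocked, change AuditOnly to Enabled in the XML and redeploy with the same Set-AppLockerPolicy command.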
The current and future security posture of every organization requires a custom approach. Merit is now developing Chief Information Security Officer (CISO) consulting packages tailored to your budget, organization size, and unique challenges.
CISO Premium Engagement – “We need a formal assessment.”
Looking for a formal, top-to-bottom point-in-time assessment of your cybersecurity posture? Our CISO premium engagement provides a comprehensive analysis of all aspects of your security program, including detailed executive and technical reports aligned with the NIST Cybersecurity Framework (CSF) as well as the CIS Top 20 Security Controls. Network-based and host-based vulnerability scans are performed for additional analysis and validation, and your leadership team is presented with an easy-to-understand summary of all the areas selected for improvement, as well as the areas which are being addressed exceptionally well by your staff.
- Comprehensive assessment
- Executive summaries
CISO Advocate Program – “We need guidance with our program.”
Looking for ongoing on-demand guidance throughout the year to make sure that your cybersecurity efforts stay on the right track? Our CISO Advocate program provides budget-friendly continual expert advice, strategy, and planning specific to your organization. We begin with a half-day discovery session to understand your key systems, processes, technology, culture, and information. All throughout the year, your security efforts are supported by both monthly structured strategy meetings as well as on-demand issue consultations. Take advantage of our experience and execute your security projects successfully with our CISO on your side.
- Half-day onsite
- Budget friendly
CISO Micro Assessment – “We need a quick review of the basics.”
Need to know where to start when it comes to security? Our CISO Micro Assessment is perfect for organizations that know they need to begin somewhere with their security program. This inexpensive service focuses on analyzing the Top 6 Basic CIS controls at your organization, providing you and your technical staff actionable advice on how you can springboard your security efforts out of the unknown.
- Focuses on Top 6 attainable steps
- Actionable advice
Questions? Contact Kevin Hayes at:
[email protected] | 734.527.7210