- Patch management – all software has vulnerabilities. As they are discovered, software publishers provide patches to prevent them from being exploited. You need to take responsibility for installing these patches as they become available. If you own or manage an organization, you would want a system in place to monitor that software patches are being applied in a timely fashion.
- Endpoint protection – you should have an application installed on all computers that prevents malware infections and unauthorized intrusions. This program must be updated at least daily to ensure you are protected against the most recent threats. If you are responsible for an organization, you would want a system in place to monitor that the software is functioning and up to date, and that alerts are received when a threat is encountered.
- Password policies – passwords prevent intruders from accessing private information on your computer. They are especially important when your computer is accessible from the Internet, since attackers can be trying to crack it 24 hours a day. The elements of a good password policy are: minimum length, complexity, expiration, and lockout after a certain number of failed attempts. If you are responsible for an organization, you would also want to audit login events and be alerted when a lockout occurs.
- Defense in depth – not practical for individuals, but organizations should have multiple layers of security which overlap each other. One of the best examples of this is having a network firewall which also blocks malware and unauthorized intrusions. This network firewall would work in conjunction with the endpoint protection to provide layered security. It is extremely likely that any individual product has vulnerabilities, but it is extremely unlikely that two products would have the same vulnerability. Ideally, your endpoint monitoring program would also be able to monitor the alerts from your network firewall.
- Business continuity basics – the recent outbreak of ransomware, which encrypts your computer files and demands ransom for their decryption, highlights the importance of having a reliable data backup system. Ideally, you would have some copies off-site and a policy for testing and retention. Still, the all-time most common business continuity incident is power failure. Having backup power for your critical systems will not only prevent data loss/corruption, but also protect them from the damage caused by surges when power is restored.
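The first two items both call for "a system in place to monitor" currency: patches applied in a timely fashion, and endpoint protection running and updated at least daily. The script below is an added example of what such a monitor checks, not code from the article or from any product. The 14-day patch threshold, the host records and the patch identifiers (`KB-EXAMPLE-*`) are constructed placeholders; a real monitor would pull this inventory from the patch-management and endpoint-protection consoles.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed organizational thresholds. The article says definitions must be
# updated "at least daily"; the patch limit is a placeholder value.
MAX_PATCH_AGE = timedelta(days=14)
MAX_DEFINITION_AGE = timedelta(hours=24)


@dataclass
class HostStatus:
    name: str
    pending_patches: list          # [(patch_id, release_date), ...] not yet installed
    av_running: bool               # endpoint protection service is up
    av_definitions_updated: datetime


def evaluate_host(host: HostStatus, now: datetime) -> list:
    """Return a list of compliance findings for one host (empty list = compliant)."""
    findings = []
    for patch_id, released in host.pending_patches:
        age = now - released
        if age > MAX_PATCH_AGE:
            findings.append(
                f"patch {patch_id} pending {age.days} days (limit {MAX_PATCH_AGE.days})"
            )
    if not host.av_running:
        findings.append("endpoint protection not running")
    def_age = now - host.av_definitions_updated
    if def_age > MAX_DEFINITION_AGE:
        hours = def_age.total_seconds() / 3600
        findings.append(
            f"definitions {hours:.0f} hours old (limit {MAX_DEFINITION_AGE.total_seconds() / 3600:.0f})"
        )
    return findings


def compliance_report(hosts, now: datetime) -> dict:
    """Map each host name to its findings, for a dashboard or a daily e-mail."""
    return {h.name: evaluate_host(h, now) for h in hosts}


# Constructed sample inventory (not real hosts or patch identifiers).
NOW = datetime(2024, 3, 1, 9, 0)
SAMPLE_HOSTS = [
    HostStatus("ws-01", [("KB-EXAMPLE-1", datetime(2024, 2, 25))],
               True, datetime(2024, 3, 1, 6, 0)),
    HostStatus("ws-02", [("KB-EXAMPLE-1", datetime(2024, 2, 25)),
                         ("KB-EXAMPLE-2", datetime(2024, 1, 20))],
               True, datetime(2024, 2, 27, 6, 0)),
    HostStatus("srv-01", [], False, datetime(2024, 3, 1, 7, 0)),
]

if __name__ == "__main__":
    for name, findings in compliance_report(SAMPLE_HOSTS, NOW).items():
        print(name, "OK" if not findings else "; ".join(findings))
```

In the sample data `ws-01` is compliant, `ws-02` has a patch overdue by weeks and stale definitions, and `srv-01` has its endpoint protection stopped, which is the condition that no amount of signature currency can compensate for.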
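The password-policy item names four policy elements and two organizational duties (audit login events, alert on lockout). The following is an added example, written for this article and not the author's own code, of a policy check and a lockout auditor run over constructed login events. The numeric values (12-character minimum, three character classes, 90-day expiration, five failures in 15 minutes) are assumptions; the log format and the IP addresses are invented for the sample.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values: the article names the elements but gives no numbers.
MIN_LENGTH = 12
MIN_CHARACTER_CLASSES = 3
MAX_PASSWORD_AGE = timedelta(days=90)
LOCKOUT_THRESHOLD = 5
LOCKOUT_WINDOW = timedelta(minutes=15)

CLASS_PATTERNS = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")


def check_password_policy(password: str, set_on: datetime, now: datetime) -> list:
    """Return the policy violations for a password and the date it was set."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"length {len(password)} < minimum {MIN_LENGTH}")
    classes = sum(1 for p in CLASS_PATTERNS if re.search(p, password))
    if classes < MIN_CHARACTER_CLASSES:
        problems.append(f"complexity: {classes} character classes, need {MIN_CHARACTER_CLASSES}")
    if now - set_on > MAX_PASSWORD_AGE:
        problems.append(f"expired: set {(now - set_on).days} days ago, maximum {MAX_PASSWORD_AGE.days}")
    return problems


# Constructed log format: "<ISO timestamp> FAIL|SUCCESS user=<name> src=<ip>"
LOG_LINE = re.compile(r"^(?P<ts>\S+) (?P<result>FAIL|SUCCESS) user=(?P<user>\S+) src=(?P<src>\S+)$")


def audit_logins(lines) -> list:
    """Replay login events and return one lockout alert each time a user reaches
    LOCKOUT_THRESHOLD failures inside LOCKOUT_WINDOW. A success clears the count."""
    failures = defaultdict(deque)   # user -> deque of (timestamp, source) inside the window
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue                 # unparseable line; a production auditor would count these
        ts, user = datetime.fromisoformat(m["ts"]), m["user"]
        window = failures[user]
        if m["result"] == "SUCCESS":
            window.clear()
            continue
        window.append((ts, m["src"]))
        while window and ts - window[0][0] > LOCKOUT_WINDOW:
            window.popleft()         # drop failures older than the window
        if len(window) >= LOCKOUT_THRESHOLD:
            alerts.append({"user": user, "time": ts,
                           "sources": sorted({src for _, src in window})})
            window.clear()           # account is now locked; count afresh afterwards
    return alerts


# Constructed sample events (not from a real system).
SAMPLE_LOG = """\
2024-03-01T08:00:05 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:09 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:14 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:20 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:25 FAIL user=alice src=203.0.113.7
2024-03-01T08:01:00 FAIL user=bob src=198.51.100.4
2024-03-01T08:01:30 SUCCESS user=bob src=198.51.100.4
2024-03-01T08:02:00 FAIL user=bob src=198.51.100.4
2024-03-01T09:00:00 FAIL user=carol src=192.0.2.10
2024-03-01T09:30:00 FAIL user=carol src=192.0.2.10
2024-03-01T10:00:00 FAIL user=carol src=192.0.2.10
2024-03-01T10:30:00 FAIL user=carol src=192.0.2.10
2024-03-01T11:00:00 FAIL user=carol src=192.0.2.10
""".splitlines()

if __name__ == "__main__":
    for alert in audit_logins(SAMPLE_LOG):
        print(f"LOCKOUT {alert['user']} at {alert['time']} from {alert['sources']}")
    print(check_password_policy("short", datetime(2024, 1, 1), datetime(2024, 3, 1)))
```

Only `alice` trips the lockout: `bob` succeeds between failures, and `carol`'s five failures are spread over two hours, so no 15-minute window ever holds more than one. The carol pattern is exactly why the audit of login events matters in addition to the lockout itself: a slow, spaced attempt never triggers a lockout alert and is only visible to someone reviewing the failures.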
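The defense-in-depth item ends with the wish that the endpoint monitoring program also see the firewall's alerts. What that buys you is correlation: the same host named by both layers inside a short window is a high-confidence incident, while an alert from only one layer tells you which layer to look at. This is an added example of that correlation logic, not the article's or any vendor's code; the ten-minute window, the alert records and the private IP addresses are constructed for the illustration.

```python
from datetime import datetime, timedelta

CORRELATION_WINDOW = timedelta(minutes=10)   # assumed

# Constructed alerts from the two layers. In practice these would come from the
# firewall's syslog feed and the endpoint console's API.
FIREWALL_ALERTS = [
    {"time": datetime(2024, 3, 1, 9, 2),   "host": "10.0.5.21", "event": "outbound command-and-control beacon blocked"},
    {"time": datetime(2024, 3, 1, 9, 40),  "host": "10.0.5.33", "event": "malware download blocked"},
    {"time": datetime(2024, 3, 1, 11, 15), "host": "10.0.5.21", "event": "port scan from host"},
]
ENDPOINT_ALERTS = [
    {"time": datetime(2024, 3, 1, 9, 5),   "host": "10.0.5.21", "event": "trojan quarantined"},
    {"time": datetime(2024, 3, 1, 10, 30), "host": "10.0.5.40", "event": "potentially unwanted application detected"},
]


def correlate(firewall_alerts, endpoint_alerts, window=CORRELATION_WINDOW):
    """Pair alerts from both layers that name the same host within `window`.
    Returns (confirmed, firewall_only, endpoint_only)."""
    confirmed, firewall_only, matched = [], [], set()
    for fw in firewall_alerts:
        partners = [i for i, ep in enumerate(endpoint_alerts)
                    if ep["host"] == fw["host"] and abs(ep["time"] - fw["time"]) <= window]
        if not partners:
            firewall_only.append(fw)
            continue
        for i in partners:
            matched.add(i)
            confirmed.append({"host": fw["host"], "firewall": fw["event"],
                              "endpoint": endpoint_alerts[i]["event"], "priority": "high"})
    endpoint_only = [ep for i, ep in enumerate(endpoint_alerts) if i not in matched]
    return confirmed, firewall_only, endpoint_only


def triage_notes(confirmed, firewall_only, endpoint_only) -> list:
    """Turn the three buckets into the questions an analyst should ask."""
    notes = [f"{c['host']}: both layers agree ({c['firewall']} / {c['endpoint']}) - investigate now"
             for c in confirmed]
    notes += [f"{a['host']}: firewall only ({a['event']}) - is endpoint protection on this host running and current?"
              for a in firewall_only]
    notes += [f"{a['host']}: endpoint only ({a['event']}) - what got past the firewall, and how?"
              for a in endpoint_only]
    return notes


if __name__ == "__main__":
    for note in triage_notes(*correlate(FIREWALL_ALERTS, ENDPOINT_ALERTS)):
        print(note)
```

Each single-layer bucket maps back to the other controls on this list: a firewall-only alert is a prompt to verify the endpoint agent on that host (the endpoint-protection monitoring above), and an endpoint-only alert means the perimeter layer missed something, which is precisely the situation overlapping layers exist to catch.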
Combining these five controls with reasonable caution on the part of the user will minimize the possibility of malware infection and privacy breach. Please feel free to contact me if you have any questions regarding these controls and how to implement them.
By William J. Osolinski, CISSP, PMP