Investing in network security can seem never-ending. After all, the threats never cease. How to direct finite security resources will always be top of mind for enterprises. Sometimes part of the answer lies in going back to the basics, and I am not talking about firewalls, IPS, and DDoS protection.
Recent recommendations have been simple, tried, and true. Revisiting some old-school approaches can significantly strengthen the security posture of the enterprise.
Focus inside the perimeter
Says Shawn Henry, the FBI’s top cybersecurity agent, “In many cases, the skills of the adversaries are so substantial that they just leap right over the fence, and you don't ever hear an alarm go off.” Most enterprises are vigilant about securing the network perimeter, and they do it well. As the expertise of cybercriminals increases, traditional security measures need to be enhanced. In addition, security breaches will continue to occur directly from within: insiders, such as employees with malicious intent, or employees who inadvertently expose data and the network to risk simply because they do not adhere to basic security precautions.
Come up with a new name
Number one on InfoWorld’s list of 10 Crazy Security Tricks that Actually Work sounds so simple it is often overlooked: “rename privileged accounts to something less obvious than ‘administrator’.” So much attention is given to the latest security technology or billion-dollar breach, yet sometimes the simplest moves make for the strongest defense. Says InfoWorld, “If the attacker hasn't already made it inside your network or host, there's little reason to believe they'll be able to readily discern the new names for your privileged accounts, and mount a successful password-guessing campaign defeating hackers and malware in one step.”
Better yet, eliminate all admins. Go one step further and institute a policy where you disregard all of the built-in, default privileged permissions.
Think Like a Cybercriminal
Priority one, says NetworkWorld, is “to approach security more fundamentally and strategically. Look at security from the attacker's viewpoint, trying to identify what there is to steal and how to go about it.” Ask yourself what is most valuable to the company and begin focusing your resources there. Is it research and development, client data, manufacturing expertise, a secret recipe, or something else? This will help enterprise security and executive teams determine where to focus resources.
Keep your most valuable information off the network
Common sense, yes, but not so easily done. Yet consider the risks. The FBI recently reported that an unidentified company lost 10 years’ worth of research and development, valued at more than $1 billion, to hacker thieves. There is no shortage of stories, and companies know the risks. It is understandable and necessary that, in today’s global, mobile world, data needs to be accessible and available for collaboration. At the end of the day, however, a company may need to take extreme, not-so-practical measures to protect its most unique data. This is not a reflection of the security team, but rather a reflection of the real risk in doing business in a cyberworld and how a company protects its most valuable assets.