Spring is that time of year when we declutter our closets and scrub windows to let the light in for those upcoming bright sunny days. An organization’s network is no different. It is a time to review, assess and purge any unwanted digital junk to help secure the network environment. Here are some spring cleaning tips to get you started.
Update Software on All Systems, Devices and Applications
Windows and Apple have automatic update features that, when turned on, keep computers updated with the latest operating system (OS) features and security patches. Check that automatic updates are turned on and that the latest version is running on each computer.
Updating the OS is not enough; the security solution needs to be kept up to date as well. Also check that the network hardware and other devices have the latest firmware installed.
Are you aware of how much OpenSSL is used within the organization? Numerous vulnerabilities have been identified in it. Know which code and software are implemented where, and validate that they are patched.
Out with the Old
It’s amazing how things are held onto because one day we might need them again. This is when the archive feature comes in handy.
- Clean out old emails. If an old email or folder must be kept, archive it.
- Remove outdated groups.
- Delete or archive old files.
- Audit and remove access from inactive users such as former employees/contractors.
- Audit access rights to company data and systems. For example, employees whose roles have changed within the organization need to have their access rights reviewed. Limiting the access to data and systems helps to reduce exposure to potential exploitation from hackers.
- Remove outdated equipment. Tossing away outdated equipment is no longer an option. Use a facility that will shred those old hard drives, disks or memory cards. If this equipment lands in the wrong hands, there are ways to extract data.
- Remove old software if it is no longer being used. Keeping software that is no longer being patched or used creates vulnerabilities that can be exploited by hackers.
- Remove or fix any insecure certificate chains.
Review and Tidy Firewall Rules
Review firewall rules to check that they are in line with the organization’s security policy. Ensure that the allowed connections are as explicit as possible to prevent opening an avenue for an attack. Once the review and updates are made to the firewall rules, test them.
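One way to run the "as explicit as possible" check over an exported ruleset, shown here as an added example and not code from the original article. The CSV layout, the sample rules, the management-port list and the port-span threshold are all assumptions made for illustration; adapt the parsing to the firewall's real export format.

```python
import csv
import io
import ipaddress

# Constructed sample ruleset in a hypothetical vendor-neutral CSV export.
SAMPLE_RULES = """\
id,action,src,dst,proto,ports
10,allow,10.20.0.0/24,10.30.5.10/32,tcp,443
20,allow,0.0.0.0/0,10.30.5.10/32,tcp,443
30,allow,10.20.0.0/16,10.30.0.0/16,any,any
40,allow,0.0.0.0/0,10.30.5.20/32,tcp,22
50,allow,10.20.1.0/24,10.30.5.30/32,tcp,1024-65535
60,deny,0.0.0.0/0,0.0.0.0/0,any,any
"""

ADMIN_PORTS = {22, 23, 3389}  # assumed list of management ports
MAX_PORT_SPAN = 100           # assumed policy threshold for one rule

def port_range(spec):
    """Return (low, high) for '443', '1000-2000' or 'any'."""
    if spec == "any":
        return 1, 65535
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def review_rule(rule):
    """Return findings for one rule; an empty list means explicit enough."""
    if rule["action"] != "allow":
        return []
    findings = []
    src_any = ipaddress.ip_network(rule["src"]).prefixlen == 0
    low, high = port_range(rule["ports"])
    if src_any:
        findings.append("any-source")
    if ipaddress.ip_network(rule["dst"]).prefixlen == 0:
        findings.append("any-destination")
    if rule["proto"] == "any":
        findings.append("any-protocol")
    if high - low + 1 > MAX_PORT_SPAN:
        findings.append("wide-port-range")
    if src_any and any(low <= p <= high for p in ADMIN_PORTS):
        findings.append("admin-port-open-to-any")
    return findings

def review_ruleset(text):
    """Map rule id -> findings for every allow rule that needs attention."""
    rows = csv.DictReader(io.StringIO(text))
    report = {r["id"]: review_rule(r) for r in rows}
    return {rule_id: f for rule_id, f in report.items() if f}
```

Calling `review_ruleset(SAMPLE_RULES)` leaves rule 10 (specific source, single host, single port) and the final deny rule out of the report and lists the remaining allow rules with the reason each one is too broad.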
Back It Up
Do a full backup. Store the backup in a safe and secure location offsite. With the increase in ransomware, any backup connected to the network will get encrypted.
Freshen Up Passwords
Ensure that all devices are password protected. What is the strength of the passwords used on the network? Are users required to change their passwords after a period of time? Review the password policy and assess whether it is as strong as it can be.
Review the Incident Response Plan
The Incident Response Plan is a living document. Was it recently reviewed? An organization is not static. Procedures need to reflect changes and employees may have moved on to new roles. Does the plan reflect this? Update the Incident Response Plan to reflect the current state of the organization. Identify the correct employees for the Incident Response team. Check that their contact information is up-to-date. Test the plan. Make any revisions to ensure that it will bring the business back up as quickly and as efficiently as possible.
Review Cyber Threat Intelligence Feeds
Confirm that the organization is not only subscribed to relevant intelligence feeds but also has the necessary responses in place to act on the information in these feeds. A feed does not serve an organization if it calls for installing a patch or taking action and no one responds.
Capture the Right Security Data
Review the captured security data. Does it support the necessary analytics to help review behavior patterns? Create a baseline of activity to help identify suspicious deviations which can help detect attacks on the network.
Review Virtual Private Network (VPN) Security
Review who has access to the VPN and remove any user access or network-to-network connections that no longer serve the organization.
Use a Third-Party Auditor
There’s nothing wrong with using a third-party auditor to get a deeper insight into the security setup of the organization. They can be objective and take a fresh look at the network setup to identify outdated security practices and technology.