Businesses have become much more aware of the threats, and shortcomings in their environment while working remotely, here are five key steps to start a solid “hardening” of your IT perimeter:
Limit administrative access
Offering end-users administrative privileges they don’t need is tantamount to giving cybercriminals the keys to the kingdom. Firms should adhere to the principle of least privilege, restricting users’ rights and permissions to their specific job duties. This may require some “handling” of antiquated software which may have required this in the past.
Administer security awareness training
Cybersecurity awareness training is key in helping end-users identify cyber threats and manage them appropriately.
Implement network segmentation
This breaks up the network into chunks that can be more easily managed and limits an adversary’s visibility of your network and assets. Each of these segments should be protected with firewalls, and network traffic should be limited to these divisions as well. By restricting the ports and protocols that each system on the network is serving and restricting those services solely to the endpoints and networks that require them, the spread of an attack can be curbed significantly.
Implement vulnerability management
Firms should work with an IT provider that conducts frequent inventory checks, stays abreast of the latest patch releases, and, adopts an automatic patch deployment schedule.
Ensure visibility
Ideally, firms should work with an IT provider that employs tools that offer a deep analysis of their systems and automatically tackle threats as they appear.
As always, please give us a call if you have any questions about this.
We can be safer online, together.
Chris Schalleur