6 Quick Wins for Your Security Posture
February 28, 2020 by Loren Lachapelle
The world of cybersecurity – and our threat landscape – is ever-changing. From new types of malware being introduced, to new phishing tactics, anything can happen as hackers work to refine their techniques and target their cyberattacks, hoping to get into your network unnoticed.
While these threats can be worrisome, there is still some good news. Let’s dive into six quick security controls that you can easily implement to strengthen your organization’s security posture.
1. Stop Re-Using Passwords
Management of personal and professional passwords is critical. Avoid using common and generic passwords like Winter2020 – because hackers can easily guess it. Don’t use a company email or other company accounts or passwords for your own personal use and vice versa. This way, if your company account is compromised, your personal data won’t be impacted. At a minimum, separate professional and personal usernames and passwords. Or take it one step further and have a unique username for each of your personal accounts.
To be extra cautious, if you have administrative access to a device or a network, even if it’s your home device, you should always use two separate login accounts. One that you use for your day-to-day activities that does not have administrative rights and another account that you use when you need to perform your administrative tasks.
Finally, it’s always wise to use a password manager. There are many to choose from. One great feature is that they can randomly generate your security question answers, passwords, and usernames. When using a password manager, don’t forget your master password, always do backups, and store critical passwords in a secure, air-gapped location.
2. Patch Your Network
In 2019, almost every major data breach was the result of either weak password usage or known vulnerabilities being exploited on unpatched devices. Although it has been many years since the concept of cybersecurity became mainstream, the two easiest ways that you can protect yourself and your data are still strong password management and timely patch management.
Keeping patches up to date on your systems – such as desktops, servers, firewalls, mobile devices, and switches and routers – greatly reduces the risk of them being compromised through known vulnerabilities.
When patching, it’s best to test patches in small groups, and then patch in increasing sizes, so you can batch it until everything is updated and running smoothly.
3. Enable Multi-Factor Authentication
Multi-factor authentication (MFA) is an authentication method where access to an account is granted only after proving that the account belongs to you. It provides you with an extra layer of security because it requires at least two things to access an account – something you know (a password), something you have (an authentication code generated by an authenticator app on your phone or a One-Time-PIN [OTP] texted to your phone), and/or something you are (a fingerprint).
Even with infrequent vulnerabilities in MFA, it’s an impactful control that you can have in place – don’t wait for an incident to happen to enable it. First, enable it on your personal accounts and work to get support from the top of your organization to start implementing it in your workplace today.
You can check out https://twofactorauth.org to find out which of your accounts offer it.
4. Proxy Your Traffic
In cybersecurity, a proxy is a device that traffic flows through for inspection, control, and monitoring, and, if used correctly, can eliminate most malware threats today. Typically, people purchase a proxy to restrict access to certain types of web browsing, which in turn, protects the user from potential malware threats. For example, your organization may purchase a proxy so people can’t browse out to web sites that have content that the organization does not want in their systems.
When using a proxy to protect against malware, you should program it to block:
- Unknown websites (unrated, new, or uncategorized)
- All malicious categories (phishing, adware, etc.)
5. Segment Your Network
When we think of segmenting things, we think of putting items into different groups. In cybersecurity, that’s no different. People should be able to access certain things that they need for their job, but if they do not need it, access should not be given.
For example, 911 service networks should not be on the same network as the public library. Students should not be on the same network as school staff. Vendors should not be able to plug directly into your network with unvetted access, nor should employees be able to connect their personal devices onto organizational networks.
While this control is a little tougher to implement, you should be looking to segment the users on your network so that an infection on one portion won’t affect the more critical portions of your networks.
You should always be thinking about how you would design your network with security at the forefront. Unfortunately, very few networks were originally designed that way, rather they were designed for availability. Working towards segmentation and having a secure network design will take time, but it will be worth it in the long run.
6. Modify Inbound Email
Most organizations use an email gateway that connects to the Internet – all inbound and outbound email routes through it. Today, it’s common to modify the emails that are coming into the organization. This could be simply adding a reminder at the top of the email that the message is coming from an external source and you should only open attachments if the sender is trusted. A word of caution, hackers can still spoof the sender, phishing can still get by, and company-wide cybersecurity awareness training is still needed.
Getting Started is Easy
If your organization does not currently follow a set of recommended controls, like the ones highlighted here, it is important for you to add at least one set of controls to help safeguard your organization. The Center for Internet Security has published one group of 20 helpful controls, but there are many out there. Tyler Cybersecurity can assist with implementing these controls, and our managed threat detection service, Tyler Detect, can cover the maintenance, monitoring, and analysis of your logs.
Start implementing some of these controls today to bolster your security posture and better protect your data.