Friday, August 23, 2019
Be aware of phishing, social engineering, and evasion of security safeguards. Something that might not get flagged by your security software or virus protection may still be a security risk and fly under the radar. Make sure to periodically audit and penetration test your setup. Consider hiring white hat hackers to do this for you.
Consider implementing the idea of security through obscurity. For example, if you’re running a web server, rather than a complete operating system with miscellaneous programs such as Word and Paint, you can run a “crippled” and hardened system that has only the bare essentials needed for its tasks and functions.
It’s also a good idea to keep your hardware out of sight and out of mind. For instance, your server storage rack should be accessible only to staff, not somewhere a kid can come and pull out a plug or insert USB attachments. Make sure keyloggers and bugging devices can’t be attached.
You have to reduce attack surfaces and close ports.
You need passwords longer than 12 characters.
You need to change passwords periodically.
Don’t have applications autologin or save passwords.
Use different types of accounts for different purposes.
Don’t use your name or obvious biodata in your passwords.
If you set up an admin account, make sure to change the default usernames, and be sure to use aliases or nicknames for the front-facing, publicly viewable information.
Make sure to configure access permissions. You may need to establish group policies and move users into groups so that everyone in a group has predetermined levels of access and permissions.
Manage your keys carefully.
Encrypt your data and traffic.
Be careful with forwarded emails and just opening emails in general.
Don’t allow data outside your company in certain ways.
Allow only certain permissions and only pre-approved apps and software.
Double check app permissions. Also be careful of free applications.
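One way to act on the earlier advice to reduce attack surface and close ports on a bare-essentials web server is to compare what is actually listening against a short allowlist. The script below is an added example, not part of the original post; the sample `ss -H -tln` output is constructed and the allowlist (SSH, HTTP, HTTPS) is an assumption.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output (not taken from a real host).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 [::]:443 [::]:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 32 *:21 *:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 64 0.0.0.0:5900 0.0.0.0:*
"""

# Assumed allowlist for a minimal web server: SSH, HTTP, HTTPS.
ALLOWED_PORTS = {22, 80, 443}


def parse_listeners(ss_output):
    """Return (address, port) pairs for each listening TCP socket."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets, %iface
        listeners.append((addr, int(port)))
    return listeners


def is_loopback(addr):
    """True when the socket is bound only to the local host."""
    return addr != "*" and ipaddress.ip_address(addr).is_loopback


def audit(ss_output, allowed=ALLOWED_PORTS):
    """Return (exposed, local_only) port lists for unexpected listeners."""
    exposed, local_only = set(), set()
    for addr, port in parse_listeners(ss_output):
        if port in allowed:
            continue
        (local_only if is_loopback(addr) else exposed).add(port)
    return sorted(exposed), sorted(local_only)


if __name__ == "__main__":
    exposed, local_only = audit(SAMPLE_SS)
    print("Close or firewall (reachable from the network):", exposed)
    print("Review (loopback only, not reachable remotely):", local_only)
```

On a real host, feed the function the output of `ss -H -tln` instead of the sample and adjust the allowlist to the services the machine is meant to offer.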
If you take these and other steps you can help prevent data loss. A lot of people don’t realize that their phone is a minicomputer: they are quick to install antivirus software on their computer but never think to install a malware scanner on their phone, which is basically an always-on, connected device. When you’re not using it, turn off the Internet and other connections, including location, if possible.