A Layered Approach to Computer Protection

Tomorrow I speak at the Technolink conference in Los
Angeles.  I was asked to talk on the
subject of computer security, Ransomware, the Obama executive orders on
national infrastructure security and other recent topics affecting businesses
that use information technology or are subject to security and privacy
regulations such as HIPAA.

I know people are going to ask me what they can do to
protect their systems with a layered approach. 
While preparing my notes I came up with this list:

1.      
First and foremost patch your systems – informal
testing here at Alvaka has shown that patching is more important than a
firewall and perhaps more important than anti-virus software.

2.      
Anti-virus software – of course we still
recommend that.  Make sure that your AV
software is up to date also.

3.      
A properly configured firewall – the emphasis is
on properly configured as most are poorly configured.

These next items are where the layering really begins to
help.  These items are required if you
are going to meet HIPAA, GLBA, PCI, etc. regulations:

4.      
Take away your users local Admin Rights if they
have them – If Admin changes can’t be made to the system you take away most of
the abilities of malware and hackers to install their damaging code.  Do this on your own PC and then login as your
own Admin when you need to install new software, etc.

5.      
Add a spam filtering service in front of your
e-mail system – Scanning and blocking spam and malware before it hits your
system is great protection, especially against those phishing and social
engineering scams.  Disaster recovery and
improved regulatory compliance is an added benefit.

6.      
Block risky files types – Why let your users
download Flash files, etc. if they don’t need them.

7.      
Disable Java if it is not required – Not really
a classic piece of layered security, but it is such a problem right now.  If you need Java for a specific or two, then
run it on a different browser.  If you
normally run Internet Explorer, then enable it with Firefox for example.  Just run Firefox when you need the Java
support and then close the program.

8.      
Back-up all your important stuff – I know this
is a basic tenet, but some many times people don’t do this or they are backing
up the wrong stuff.  Check you back-up
and make sure it works.

9.      
Disable Autorun – A lot of malware is designed
to exploit this feature of Windows.

10.  
Endpoint security and Network Access Control –  Before
and after granting network access to a computer, NAC enforces policies that
require up to date antivirus, firewall rules, software patches, etc.

11.  
Device
Control – If USB thumb drives, DVDs, etc. are not required with Device Control
you can block the use of those devices on your network.

12.  
Application
Control – Don’t let users install and run anything they want.  It presents a security risk.  With App Control you are the one in charge of
your network and its security.

13.  
Web
Content Filtering – Many websites can be bad, even ones you think are
trusted.  Web Content Filtering helps
block the websites content that has gone bad.

14.  
Encryption
– Encrypt your important data in-transit and at-rest.

There are a few
other recommendations I can make, but these are some of the best.  What other ones would you recommend that I
did not list here?

Follow these
Layered Protection guidelines and you will have a secure, private and HIPAA
happy IT system.

2013-03-19T02:47:21+00:00