Tomorrow I speak at the Technolink conference in Los Angeles. I was asked to talk on the subject of computer security, Ransomware, the Obama executive orders on national infrastructure security and other recent topics affecting businesses that use information technology or are subject to security and privacy regulations such as HIPAA.
I know people are going to ask me what they can do to protect their systems with a layered approach. While preparing my notes I came up with this list:
1. First and foremost, patch your systems – informal testing here at Alvaka has shown that patching is more important than a firewall and perhaps more important than anti-virus software.
2. Anti-virus software – of course we still recommend that. Make sure that your AV software is up to date also.
3. A properly configured firewall – the emphasis is on properly configured as most are poorly configured.
These next items are where the layering really begins to help. They are also required if you are going to meet regulations such as HIPAA, GLBA and PCI:
4. Take away your users’ local Admin Rights if they have them – If Admin changes can’t be made to the system, you take away most of the ability of malware and hackers to install their damaging code. Do this on your own PC too, and then log in with your own Admin account only when you need to install new software, etc.
5. Add a spam filtering service in front of your e-mail system – Scanning and blocking spam and malware before it hits your system is great protection, especially against phishing and social engineering scams. Disaster recovery and improved regulatory compliance are added benefits.
6. Block risky file types – Why let your users download Flash files, etc. if they don’t need them?
7. Disable Java if it is not required – Not really a classic piece of layered security, but it is such a problem right now. If you need Java for a specific site or two, then run it in a different browser. If you normally run Internet Explorer, for example, then enable Java only in Firefox. Run Firefox when you need the Java support and then close the program.
8. Back up all your important stuff – I know this is a basic tenet, but so many times people don’t do this, or they are backing up the wrong stuff. Check your backup and make sure it actually restores.
9. Disable Autorun – A lot of malware is designed to exploit this feature of Windows.
10. Endpoint security and Network Access Control – Before and after granting network access to a computer, NAC enforces policies that require up-to-date anti-virus, firewall rules, software patches, etc.
11. Device Control – If USB thumb drives, DVDs, etc. are not required, Device Control lets you block the use of those devices on your network.
12. Application Control – Don’t let users install and run anything they want. It presents a security risk. With App Control you are the one in charge of your network and its security.
13. Web Content Filtering – Many websites can be bad, even ones you think are trusted. Web Content Filtering helps block website content that has gone bad.
14. Encryption – Encrypt your important data in-transit and at-rest.
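As an added example (this is not code from the original post or from Alvaka), here is a read-only PowerShell audit that checks several of the layers above on a single Windows workstation: patch age (item 1), Windows Defender status and signature age (item 2), firewall profiles (item 3), local Administrators membership (item 4), Java presence (item 7), the AutoRun policy value (item 9) and BitLocker on the system drive (item 14). It assumes Windows 8 / Server 2012 or later with PowerShell 5.1 and an elevated prompt; the cmdlets used are standard Microsoft ones, but the pass/fail thresholds (30 days for patches, 3 days for AV signatures) are my own assumptions and should be set to your policy. Controls whose cmdlet is not available on the machine (third-party AV, no BitLocker module) are reported as Unknown rather than aborting the audit.

```powershell
# Added example, not from the original post. Read-only audit of several
# layered-protection controls. Assumes Windows 8/2012+ and PowerShell 5.1,
# run from an elevated prompt. Thresholds below are assumptions.

function New-Finding {
    param([string]$Control, [string]$Status, [string]$Detail)
    [PSCustomObject]@{ Control = $Control; Status = $Status; Detail = $Detail }
}

# Item 1, patching: age of the most recently installed hotfix.
function Test-Patching {
    param([int]$MaxDaysSincePatch = 30)   # assumed threshold
    $latest = Get-HotFix | Where-Object InstalledOn |
              Sort-Object InstalledOn -Descending | Select-Object -First 1
    if (-not $latest) { return New-Finding 'Patching' 'Fail' 'No hotfix install dates found' }
    $ageDays = [int]((Get-Date) - $latest.InstalledOn).TotalDays
    $status = if ($ageDays -le $MaxDaysSincePatch) { 'Pass' } else { 'Fail' }
    New-Finding 'Patching' $status ("Last hotfix {0} installed {1} days ago" -f $latest.HotFixID, $ageDays)
}

# Item 2, anti-virus: Windows Defender enabled, real-time protection on, fresh signatures.
function Test-AntiVirus {
    param([int]$MaxSignatureAgeDays = 3)  # assumed threshold
    try { $mp = Get-MpComputerStatus -ErrorAction Stop }
    catch { return New-Finding 'Anti-virus' 'Unknown' 'Get-MpComputerStatus unavailable (third-party AV?)' }
    $sigAgeDays = [int]((Get-Date) - $mp.AntivirusSignatureLastUpdated).TotalDays
    $ok = $mp.AntivirusEnabled -and $mp.RealTimeProtectionEnabled -and ($sigAgeDays -le $MaxSignatureAgeDays)
    $status = if ($ok) { 'Pass' } else { 'Fail' }
    New-Finding 'Anti-virus' $status ("Enabled={0} RealTime={1} SignatureAgeDays={2}" -f
        $mp.AntivirusEnabled, $mp.RealTimeProtectionEnabled, $sigAgeDays)
}

# Item 3, firewall: every profile enabled and not defaulting to Allow inbound.
function Test-Firewall {
    $profiles = Get-NetFirewallProfile
    $bad = $profiles | Where-Object { -not $_.Enabled -or $_.DefaultInboundAction -eq 'Allow' }
    $status = if ($bad) { 'Fail' } else { 'Pass' }
    $detail = ($profiles | ForEach-Object {
        "{0}: Enabled={1} Inbound={2}" -f $_.Name, $_.Enabled, $_.DefaultInboundAction }) -join '; '
    New-Finding 'Firewall' $status $detail
}

# Item 4, local admin rights: flag any user account other than the built-in
# Administrator. Heuristic only: users nested inside groups are not expanded.
function Test-LocalAdmins {
    $members = Get-LocalGroupMember -Group 'Administrators'
    $extra = $members | Where-Object { $_.ObjectClass -eq 'User' -and $_.Name -notmatch '\\Administrator$' }
    $status = if ($extra) { 'Fail' } else { 'Pass' }
    New-Finding 'Local admin rights' $status ('Members: ' + (($members | ForEach-Object Name) -join ', '))
}

# Item 7, Java: a registered JRE or java.exe on the PATH means it is still usable.
function Test-Java {
    $onPath = [bool](Get-Command java.exe -ErrorAction SilentlyContinue)
    $registered = Test-Path 'HKLM:\SOFTWARE\JavaSoft\Java Runtime Environment'
    $status = if ($onPath -or $registered) { 'Review' } else { 'Pass' }
    New-Finding 'Java present' $status ("java.exe on PATH={0}; JRE registry key={1}" -f $onPath, $registered)
}

# Item 9, AutoRun: the machine-wide policy value 0xFF disables AutoRun for all
# drive types (the value set by the "Turn off AutoPlay" policy). HKCU is not checked.
function Test-Autorun {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $value = (Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    $status = if ($value -eq 0xFF) { 'Pass' } else { 'Fail' }
    $shown = if ($null -eq $value) { 'not set' } else { $value }
    New-Finding 'Autorun disabled' $status "NoDriveTypeAutoRun=$shown"
}

# Item 14, encryption at rest: BitLocker protection on the system drive.
function Test-BitLocker {
    try { $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop }
    catch { return New-Finding 'Disk encryption' 'Unknown' 'Get-BitLockerVolume unavailable' }
    $status = if ($vol.ProtectionStatus -eq 'On') { 'Pass' } else { 'Fail' }
    New-Finding 'Disk encryption' $status ("{0} ProtectionStatus={1} VolumeStatus={2}" -f
        $vol.MountPoint, $vol.ProtectionStatus, $vol.VolumeStatus)
}

function Invoke-LayeredAudit {
    Test-Patching; Test-AntiVirus; Test-Firewall; Test-LocalAdmins
    Test-Java; Test-Autorun; Test-BitLocker
}

Invoke-LayeredAudit | Format-Table -AutoSize
```

Each check returns an object rather than printing, so the same functions can feed a CSV (`Invoke-LayeredAudit | Export-Csv audit.csv`) collected from many machines. The script changes nothing; it only tells you which layers are missing so the corresponding item above can be addressed.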
There are a few other recommendations I can make, but these are some of the best. What other ones would you recommend that I did not list here?
Follow these Layered Protection guidelines and you will have a secure, private and HIPAA-happy IT system.