Protect Your Enterprise
If you haven’t heard it yet, the employee is the weakest link and the most exploited attack vector in any business, in any vertical. To mitigate this threat, there are some simple best practices that must be implemented.
Employees need training delivered in short, minute-long increments that test their security resolve through social engineering and phishing simulations. As employees become hardened against generic, standard phishing, they should be tested with harder and more cleverly crafted test emails so they learn to quickly identify and report phishing attempts. The malicious actor needs only one victory to gain entry into the network and install a payload, whereas the employee must never be fooled and must maintain a constant security mindset.
Protect your network edge by removing entry points to your infrastructure. Automated systems sweep from one IP address to the next, probing for and finding openings such as remote-control services and other entry-point technology. Once an opening is found, automation is used to identify the owning organization through free online tools, and a slow, deliberate brute-force attack against the exposed interface can begin, guessing credentials.
Eliminate shared user accounts and implement MFA (multi-factor authentication) for every user wherever possible. Ensure that all elevated-privilege accounts are separate from everyday user accounts and are used only when making changes. A security-in-depth approach can stop or hinder malicious activity because of the multiple layers in your identity defense fabric. Implement a password policy that has users change their password every six months, and don’t get hung up on password complexity; instead, have users create a passphrase that is longer than fourteen characters and easy to remember.
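The passphrase policy above, length over fourteen characters with no complexity rules and a change every six months, can be enforced in a few lines. The following is an added example, not code from the original article; the constants, function names and sample inputs are constructed for illustration, and the two extra checks (distinct characters, repeated short pattern) are an assumed addition that stops a "long" passphrase from being a single repeated token.

```python
"""Passphrase policy check: an added example, not code from the original article.

It encodes the policy the article recommends: a passphrase longer than
fourteen characters, no character-class complexity rules, and a change
every six months. The constants, function names and sample inputs are
constructed for illustration.
"""
from datetime import date
from typing import List, Optional

MIN_LENGTH = 15        # "longer than fourteen characters"
MAX_AGE_DAYS = 182     # roughly six months between changes
MIN_DISTINCT = 4       # assumed floor; rejects "aaaaaaaaaaaaaaa"-style input


def is_repeated_unit(s: str) -> bool:
    """True when s is one short unit repeated, e.g. 'abcabcabc' or 'xyxyxyxy'."""
    n = len(s)
    for unit_len in range(1, n // 2 + 1):
        if n % unit_len == 0 and s == s[:unit_len] * (n // unit_len):
            return True
    return False


def check_passphrase(passphrase: str) -> List[str]:
    """Return the list of policy violations; an empty list means the passphrase is accepted.

    Deliberately no digit/symbol/mixed-case rules: length is what the policy asks
    for, plus two cheap checks that catch shapes that are long only on paper.
    """
    problems: List[str] = []
    stripped = passphrase.strip()
    if len(stripped) < MIN_LENGTH:
        problems.append(
            f"too short: {len(stripped)} characters, need at least {MIN_LENGTH}"
        )
    if len(set(stripped.lower())) < MIN_DISTINCT:
        problems.append("too few distinct characters")
    if is_repeated_unit(stripped.lower()):
        problems.append("a short pattern repeated to reach the length")
    return problems


def days_until_rotation(last_changed: str, today: Optional[str] = None) -> int:
    """Days left before the six-month change is due; negative means overdue.

    Dates are ISO strings (YYYY-MM-DD), as a directory export would supply them.
    """
    changed = date.fromisoformat(last_changed)
    now = date.fromisoformat(today) if today else date.today()
    return MAX_AGE_DAYS - (now - changed).days


def rotation_due(last_changed: str, today: Optional[str] = None) -> bool:
    """True once the passphrase is older than the six-month limit."""
    return days_until_rotation(last_changed, today) < 0


if __name__ == "__main__":
    for candidate in ("correct horse battery staple", "P@ssw0rd!", "abcabcabcabcabc"):
        verdict = check_passphrase(candidate) or ["accepted"]
        print(f"{candidate!r}: {'; '.join(verdict)}")
    print("days until rotation:", days_until_rotation("2024-01-01", "2024-01-31"))
```

Note that the short, symbol-heavy "P@ssw0rd!" fails while the plain four-word passphrase passes: that is the point of preferring length over complexity.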
Monitor your security logs by implementing a SIEM (Security Information and Event Management) server or other technology that processes logs from your systems and alerts you when failed authentication errors are repeated in rapid succession. Such a pattern can indicate an internal brute-force attempt against lateral systems, a sign that something malicious may already be inside the network trying to authenticate to connected devices in order to spread.
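The "repeated in rapid succession" rule a SIEM would apply to authentication logs looks like the following. This is an added example, not the article's code: the log lines are constructed to resemble OpenSSH "Failed password" entries, and the hostname, addresses, threshold and window are assumed for the sake of the example. It counts failures per source address in a sliding time window and raises one alert when a source crosses the threshold.

```python
"""Failed-logon burst detector: an added example, not the article's code.

The log lines below are constructed to resemble OpenSSH "Failed password"
entries; the hostname, addresses and line format are assumed for the sake
of the example. The detector alerts when one source address produces
THRESHOLD failures inside a WINDOW_SECONDS sliding window, which is the
"repeated in rapid succession" pattern the article asks a SIEM to flag.
"""
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Deque, Dict, List, Tuple

THRESHOLD = 5        # failures from one source ...
WINDOW_SECONDS = 60  # ... within this many seconds raise an alert

# Constructed sample: one source hammers the host, one real user mistypes twice.
SAMPLE_LOG = """\
Mar 10 09:00:01 fileserver sshd[2211]: Failed password for invalid user admin from 10.0.0.23 port 51022 ssh2
Mar 10 09:00:04 fileserver sshd[2212]: Failed password for root from 10.0.0.23 port 51030 ssh2
Mar 10 09:00:07 fileserver sshd[2213]: Failed password for invalid user test from 10.0.0.23 port 51041 ssh2
Mar 10 09:00:09 fileserver sshd[2214]: Accepted password for alice from 10.0.0.50 port 40111 ssh2
Mar 10 09:00:11 fileserver sshd[2215]: Failed password for backup from 10.0.0.23 port 51055 ssh2
Mar 10 09:00:14 fileserver sshd[2216]: Failed password for invalid user oracle from 10.0.0.23 port 51060 ssh2
Mar 10 09:00:20 fileserver sshd[2217]: Failed password for invalid user git from 10.0.0.23 port 51071 ssh2
Mar 10 09:30:00 fileserver sshd[2300]: Failed password for bob from 10.0.0.50 port 40200 ssh2
Mar 10 09:45:00 fileserver sshd[2301]: Failed password for bob from 10.0.0.50 port 40201 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

Event = Tuple[datetime, str, str, str]  # (timestamp, host, user, source address)


def parse_failures(text: str, year: int = 2024) -> List[Event]:
    """Pull failed-logon events out of syslog text; lines that do not match are ignored.

    syslog timestamps carry no year, so the caller supplies one (assumed 2024 here).
    """
    events: List[Event] = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["host"], m["user"], m["src"]))
    return events


def detect_bursts(events: List[Event], threshold: int = THRESHOLD,
                  window: int = WINDOW_SECONDS) -> List[dict]:
    """Sliding window per source address.

    One alert is raised when a source first reaches `threshold` failures within
    `window` seconds; it is not repeated until that source drops back below the
    threshold, so a sustained attack yields one alert rather than one per attempt.
    """
    recent: Dict[str, Deque[Tuple[datetime, str]]] = defaultdict(deque)
    alerted: Dict[str, bool] = defaultdict(bool)
    alerts: List[dict] = []
    for ts, host, user, src in sorted(events):
        q = recent[src]
        q.append((ts, user))
        while (ts - q[0][0]).total_seconds() > window:   # drop events outside the window
            q.popleft()
        if len(q) >= threshold and not alerted[src]:
            alerted[src] = True
            alerts.append({
                "src": src,
                "host": host,
                "count": len(q),
                "users": sorted({u for _, u in q}),     # many usernames = guessing, not a typo
                "first": q[0][0].isoformat(),
                "last": ts.isoformat(),
            })
        elif len(q) < threshold:
            alerted[src] = False
    return alerts


if __name__ == "__main__":
    for alert in detect_bursts(parse_failures(SAMPLE_LOG)):
        print(f"ALERT {alert['src']} -> {alert['host']}: {alert['count']} failures "
              f"({', '.join(alert['users'])}) between {alert['first']} and {alert['last']}")
```

On the sample, the source that fails five times in thirteen seconds against five different usernames raises an alert, while the user who mistypes twice fifteen minutes apart does not; keying the window on source address rather than username is what separates the two.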
Budget does not determine operational resiliency. Employee training, granular configuration and security in depth are the prevailing factors that help maintain the integrity of your infrastructure.