The security landscape is continually changing, and our last post described a few of the latest threats cybercriminals are employing in their efforts to compromise your networks and endpoints. As threats evolve, organizations must continue to employ a variety of strong countermeasures. We recommend the following steps for maintaining a solid security baseline.
Employ a multi-layered defense. Deploying security measures at every potential point of vulnerability increases your odds of blocking malicious threats. Firewalls and intrusion detection systems boost security at the perimeter, while anti-malware and patch management software help provide endpoint protection. A rock-solid data backup and disaster recovery system form an important last line of defense.
Enable real-time scanning. To detect malware before it can infect a system, enable your antivirus software’s real-time scanning feature. This will analyze files and programs as they are copied to a system in order to prevent the user from unknowingly becoming infected.
Boost endpoint protection. Laptops, tablets, smartphones, desktops and other endpoint devices are all potential entry points for threats. The latest endpoint security tools deliver multiple security measures via a lightweight client that can be centrally managed and easily updated.
Keep browsers and plugins patched. Many attacks now exploit vulnerabilities in browsers and plugins to get into a system. Use each vendor’s auto update or software distribution tools to install patches as soon as they become available.
Ensure all OS patches are applied. Vendors such as Microsoft and Apple regularly release hotfixes, service packs and security patches to correct operating system vulnerabilities. However, it is estimated that more than half of all breaches exploit known vulnerabilities that have not been patched. OS patch management is critical to security.
Don’t forget “non-Microsoft” software updates and patches. Many organizations count on Windows Server Update Services (WSUS) to manage the distribution of updates and hotfixes. However WSUS doesn’t address vulnerabilities in non-Microsoft software. Attackers are more frequently exploiting vulnerabilities in Adobe and Oracle software. Keep Acrobat, Java and other software updated.
Block P2P usage. The simplest method for distributing malware is hidden inside files shared on peer-to-peer (P2P) networks. Create and enforce a no-P2P policy, including home usage of a company machine. Enforce the policy at the gateway and at the desktop using appropriate security tools.
Turn off AutoRun. Disabling the AutoRun feature in Windows can help stop the spread of network-based worms such as Conficker / Downadup. AutoRun allows executables to automatically run when you insert removable media such as a flash drive. If the drive is infected, AutoRun will automatically spread the infection.
Don’t click on email links. Attackers have become very skilled at making phishing emails look legitimate. Don’t click on a link unless you are certain of its legitimacy. Hovering the cursor over the link will reveal the actual URL in use.
Malicious actors will always find new ways to exploit vulnerabilities. That’s why organizations must stay abreast of likely attack vectors, employ a variety of security measures and make sure that current tools and policies are up to date and being properly used. The security experts at Verteks can help ensure you are prepared. We can conduct an onsite assessment of your systems, identify potential vulnerabilities, and suggest solutions and practices to help you mitigate those threats.
