Your network’s access control
This blog is brought to you by SpamStopsHere, an e-mail security company.
October is National Cyber Security Awareness Month, as designated by the US Department of Homeland Security. As a result, I’ll be focusing my articles on protecting your users and your network.
Although many organizations are likely to protect data with passwords and a network firewall, there are many network access controls that are overlooked. I’m going to cover some of the most common ones.
Centralized Control
Many organizations allow their users to store company data on computer workstations. Unfortunately, the company usually has no way to monitor logins on those computer workstations, not even multiple failed logins in a row. Additionally, there is no way to audit access to the information stored on the computer workstations.
Most organizations would do well to have only applications installed on the computer workstations, and then store all data for those applications on a centralized server that requires authentication and is in a secure facility. A criminal, including any disgruntled employee, should be able to run away with a computer workstation and have nothing of value other than the hardware itself.
If data is stored on the computer workstations, they should have encrypted file systems and your users should log out of the system when it’s not in use. Automatic logout after periods of inactivity should be enabled.
Passwords for access should be changed on a regular basis.
Data Encryption
Most data access control is simply a software mechanism that allows access to the data stored on a hard disk. The easiest way to steal data is usually by stealing the entire hard disk, bypassing the access mechanism. All valuable data should be stored encrypted with a strong encryption key.
Additionally, it’s very important that your off-site backups are encrypted. It’s very common to have a centralized server protected with excellent physical security and then to periodically just let all of that data out the front door on its way to the secure off-site storage. This weak link in the physical security can be protected with proper encryption.
Remote Access
Make sure that any wifi routers on your network are necessary and that they use WPA for encryption. Change the key on a regular basis and retain strict control over it by not allowing it to be copied.
Make sure that any VPN access to your network is tightly controlled. Maintain strict control over any certificates and expire ones that are no longer needed.
Ensure that any dial-up modems on your network allow only proper access, and that any authentication mechanisms are expired when no longer needed or on a regular basis.
Usage Policies
Users should not be allowed to install any software on their computer workstations that hasn’t been authorized by the company. Additionally, no storage media or personal computing devices should be allowed on the company’s premises that haven’t been authorized for use by the company. No company data should ever be allowed on a personal computing device.
Monitoring
Companies should monitor all access to the company’s network and data. This can include MAC address monitoring at the switch, which can help reveal unauthorized devices on the network, as well as failed and successful logins, and what data was accessed and when.
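As an added example (not part of the original post) of the two monitoring checks described here and in the Centralized Control section, the script below scans constructed, centrally collected log lines for repeated failed logins and for MAC addresses at the switch that are not on a company device allowlist. The log format, host names, MAC addresses and the allowlist are all assumptions for the sake of the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: workstation login events forwarded to a central log
# server, and MAC addresses seen on access-switch ports (assumed formats).
AUTH_LOG = """\
2023-10-03T08:01:10 ws-12 login user=alice result=success
2023-10-03T08:02:15 ws-07 login user=bob result=failure
2023-10-03T08:02:40 ws-07 login user=bob result=failure
2023-10-03T08:03:05 ws-07 login user=bob result=failure
2023-10-03T08:03:30 ws-07 login user=bob result=failure
2023-10-03T09:15:00 ws-03 login user=carol result=failure
2023-10-03T09:40:00 ws-03 login user=carol result=success
"""
SWITCH_LOG = """\
2023-10-03T08:00:00 sw-1 port=Gi1/0/3 mac=00:11:22:33:44:55
2023-10-03T08:00:05 sw-1 port=Gi1/0/4 mac=00:11:22:33:44:66
2023-10-03T08:30:00 sw-1 port=Gi1/0/9 mac=de:ad:be:ef:00:01
"""
# Constructed allowlist of company-issued devices.
KNOWN_MACS = {"00:11:22:33:44:55", "00:11:22:33:44:66"}

AUTH_RE = re.compile(r"^(\S+) (\S+) login user=(\S+) result=(success|failure)$")
MAC_RE = re.compile(r"mac=([0-9a-fA-F:]{17})")

def failed_login_bursts(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return {user: count} for users with at least `threshold` consecutive
    failures inside `window`; a successful login resets the streak."""
    streak = defaultdict(list)   # user -> timestamps of the current failure run
    flagged = {}
    for line in log_text.splitlines():
        m = AUTH_RE.match(line)
        if not m:
            continue             # skip lines that do not match the format
        ts_s, _host, user, result = m.groups()
        ts = datetime.fromisoformat(ts_s)
        if result == "success":
            streak[user].clear()
            continue
        # Keep only the failures that fall within the window ending now.
        streak[user] = [t for t in streak[user] + [ts] if ts - t <= window]
        if len(streak[user]) >= threshold:
            flagged[user] = len(streak[user])
    return flagged

def unknown_macs(log_text, known=KNOWN_MACS):
    """Return MAC addresses seen at the switch that are not on the allowlist."""
    seen = {m.group(1).lower() for m in MAC_RE.finditer(log_text)}
    return seen - {k.lower() for k in known}
```

Run against the sample data, the first check flags `bob` and the second reports the one MAC address that is not on the allowlist.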