How Hacking Is Done In 2022, Part Five of Five

Created 2 years 121 days ago
by RitaP

Tags:
Categories: categoryTechnology
Views: 1123

by Scott Lewis

Understanding that there is no such thing as 100% secure, the human factor will ensure this; however, here are some products and methods to increase your overall security and reduce the impact of a cyberattack, such as ransomware, crypto, or an old one fashion unauthorized hack.

- Keep Corporate Firewalls current – One of the most critical devices on your network is often overlooked when it comes to updating and life-cycle replacement. Firewalls typically, once configured, continue to run; however, the manufacturers update the operating systems, upgrade CMOS, and at some point, the device needs to be replaced due to limitations in the OS and lack of support from the manufacturer. It is also critical to ensure that the firewalls you are implementing are a suitable class of firewalls. Not all firewalls are created equal, so do some research and pick the right one to meet your business requirements.

- Install Anti-Virus – Anti-Virus is critical to your security plan; it should be loaded on all your workstations, laptops, and mobile devices. Most of the major players when it comes to Anti-virus can cover all these access points, programs like Trend Micro, MacAfee, Symantec, and Webroot, to name a few quality products. In the corporate environment, ensure that you purchase the corporate version of the software. You can review updated and when, push out from the console updates, and new virus signatures.

- Sentinel One or CrowdStrike Falcon – Sentinel One and CrowdStrike Falcon are competing products, and they are great products; however, as with every software, differences and preferences depend on your overall goals and objectives. These products offer expanded protection through detection, containment, and resolution automated processes. Using this type of Business Intelligence and Artificial Intelligence to counteract the processes of hackers has become more and more critical.

- Multi-Factor Authentication – This is a must in today’s computing world; if you are not using two-factor authentication, it is just a matter of time before your business is a victim. Products like DUO or Microsoft 2 Factor Authenticator are two examples of two-factor authentication programs. All programs have their plusses and minuses, so it is essential to ensure that whichever program you use applies to your business gives you maximum protection.

- Auto Logout on Servers – IT people have a terrible habit of not logging out of servers; I’m not sure why this happens, being we are the ones that are supposed to enforce security on the network. However, there is a solution: setting up auto log out on the servers. There are some risks to this because sometimes the IT people are running updates or patches or other activity, so you have to weigh the good and bad, but it would be recommended to set this up. There is more good than bad in this.

- DNS Protection – DNS hijacking is on the rise, and it is complicated to know if you are a victim or not; DNS is the human interface to how people find websites, email addresses, and IP addresses. Once your DNS has been hijacked, they can change your IP address, which could be used to send people to a different site when they enter their login credentials; products like Sentinel One, CrowdStrike Falcon, and OpenDNS all prevent DNS hijacking.

- End-User Training – End-user training is critical to the security of your network and building a culture of security within your organization. KnowBE4 is an excellent tool for testing your users’ willingness to respond to phishing attempts, Malware, and other threats. KnowBe4 also can educate if a user responds to a fake phishing attempt; the software will show them a video on how to recognize phishing and other security threats better. Human Resources can also report on repeat offenders so you can identify the most significant risks within your business. Ongoing and repetitive training is key to building your security culture.

- DarkTrace BI Systems and Monitoring – DarkTrace is an Autonomous Cyber Artificial Intelligence device and service. DarkTrace can interrupt cyber-attacks in real-time outside your network and internally to your network. DarkTrace can track cyber attackers back to the source and protect you against ransomware email phishing in the cloud and on-premise systems through automated business and artificial intelligence. The DarkTrace Network Operation System actively monitors your DarkTrace device to ensure that any alerts are handled instantly and protected by your system. DarkTrace is a great complementary product with Sentinel One or CrowdStrike Falcon.

- Remote Backup Systems even in Microsoft 365 (Datto) – Don’t lull yourself into a false sense of security if you use Microsoft 365 (also known as Office 365). It is critical to ensure that you are backing up through an independent source such as Datto or Barracuda using their cloud-to-cloud backup processes. Although we want to believe that Microsoft is backing up our data, the truth is they don’t; however, Microsoft does offer a limited backup process, but it is not equivalent to the products and independent operation of Datto or Barracuda.

- Password Policies End-Users -- In 2020, the NIST, the National Institute of Standards and Technology, changed their guidelines for end-user password management (SP 800-63-3). The new guideline simplifies password management by leaving out overly complex security requirements. Research has found that users don’t like complex passwords, nor do they like changing them regularly. The research showed that passwords became predictable, and the environment became less secure due to the predictability and the use of dictionary words, along with sequential number patterns. The NIST now recommends the following for end-user passwords, with the caveat that Multi-Factor Authentication is in use and active.

NIST Password Requirements:
- Set an 8-character minimum length – we recommend a 12 character minimum length.
- Change password only if there is evidence of a compromise
- Screen new passwords against a list of known compromised passwords
- Skip Password hints and knowledge-based security questions
- Limit the number of failed authentication attempts

NIST Password Recommendations:
- Set the maximum password length to at least 64 characters
- Skip character composition rules as they are an unnecessary burden for end-users
- Allow copy and paste functionality in password fields to facilitate the use of password managers.
- Allow the use of all printable ASCII characters as well as all UNICODE characters, including emojis.
- SPAM and Malware Protections – If you are a Microsoft 365 company, ensure that you have the full suite of Advanced Threat Protection turned on and configured. Even though you are on the Microsoft 365 platform, it is still your responsibility to secure your system and data; Microsoft is not proactively monitoring your system for security. You can also use Barracuda SPAM and Malware protection and web filtering as an additional layer of protection.

- Routine Password changes (Routers, Firewalls, Switches, Administrator, and Service Accounts) – When it comes to passwords, there is more to it than user passwords or administrator passwords; there are switch passwords, router and firewall passwords, and service accounts which are copiers, printers, phone systems and in some cases software that requires a username and password on your network. Since most of these devices are behind your firewall and not exposed to the Internet directly, that doesn’t reduce the need to secure these devices and, annually, at a minimum, change their passwords. Firewalls, Routers, Switches, Copiers, printers, and other devices should never be set up under that domain administrator account or tied to a specific user account. Each device should have its service account with only the permissions required for proper operation.

Scott Lewis is the President and CEO of Winning Technologies Group of Companies, which includes Liberty One Software. Scott has more than 36 years of experience in the technology industry and is a nationally recognized speaker and author on technology subjects. Scott has worked with hundreds of large and small business to empower them to use technology to improve work processes, increase productivity, and reduce costs. Scott has designed thousands of systems for large, medium, and small companies and Winning Technologies goal is to work with companies on the selection, implementation, management, and support of technology resources. Learn more about Winning Technologies at www.winningtech.com or call 877-379-8279.