Ten Security Techniques You Can Use

From ITWorld.  Here are some security techniques you can use that, in spite of how goofy they may sound, actually do provide an increased security profile.

  1. Renaming administrative accounts.  While this is often recommended, it is seldom done.  Throughout the history of automated malware exploits, they have always gone after the built-in administrative account names.  By changing them, you defeat the malware authors with a simple name change, and it becomes easier to monitor login attempts on the standard admin account names once they are no longer in use.
  2. Disable local admin accounts.  Microsoft started disabling these accounts by default with Windows Server 2008.  If you are running an older version of Server, you can do this too.  Keep one special privileged account that you created, so you can turn them back on if you need them later.
  3. Honeypots.  This is a computer on your network that exists just to attract attackers.  When attacked, it notifies your IT staff and allows them to monitor the attacker to see what they are up to.  Low cost, high return value.
  4. Change default ports.  Services that run on default ports make for easy targets for attackers.  Change your default ports and improve your security.
  5. Install applications to custom directories.  Again, this is an effective way to block automated attacks by installing your programs where the bad guys won’t think to look.
  6. Tarpits.  Like Honeypots, Tarpits exist to trap attackers and slow their progress.  Tarpits work by answering requests for unassigned IP addresses, and then using delaying tactics to cause an attack to stall.
  7. Screensavers.  Many people see them as a nuisance, but a password protected screen saver that kicks in after a few minutes of inactivity prevents someone else from sitting down at your computer and browsing or copying files.  Even if stolen, once your screen saver kicks in, the device becomes annoyingly useless to the perpetrator.
  8. Network Analyzer.  With so much of the attack traffic originating from overseas, monitoring incoming and outgoing traffic for countries of origin and destination can save your bacon.  Would there be a legitimate reason for a several hour, multi-gigabyte connection with China, for instance?  Probably not.
  9. Disable Internet browsers on servers.  Since most attacks begin as a Trojan horse download from a hijacked or malicious web site, eliminating or severely restricting Internet browsing on servers can reduce your exposure.
  10. Secure software development.  If your company develops its own software in-house, or through contractors, make sure that the code is written with security best practices in mind.

These tips will keep your business network secure without impacting usability or performance.
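Tip 1 notes that once the built-in admin names are retired, any login attempt against them is easy to monitor. The following is an added example, not code from the original article: it scans authentication log lines for attempts on retired names and groups them by source. The log format, the sample lines, the `RETIRED_NAMES` set and the function names are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumption: built-in names retired by the rename; adjust to your environment.
RETIRED_NAMES = {"administrator", "admin", "root"}

# Constructed sample log lines in a simplified, hypothetical format
# (timestamp, result, user, source address); not output from a real product.
SAMPLE_LOG = """\
2024-05-01T02:14:07Z FAIL user=Administrator src=203.0.113.7
2024-05-01T02:14:09Z FAIL user=CORP\\administrator src=203.0.113.7
2024-05-01T02:14:12Z FAIL user=admin@corp.example src=203.0.113.7
2024-05-01T08:30:00Z OK user=jsmith src=10.0.0.15
2024-05-01T09:02:41Z FAIL user=jsmith src=10.0.0.15
2024-05-01T11:45:10Z FAIL user=ROOT src=198.51.100.23
2024-05-01T11:45:11Z garbled line without fields
"""

LINE_RE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")

def bare_account(user):
    """Reduce DOMAIN\\name or name@domain to a lower-case account name."""
    name = user.rsplit("\\", 1)[-1]
    name = name.split("@", 1)[0]
    return name.lower()

def find_decoy_logons(log_text, retired=RETIRED_NAMES):
    """Return {source: [(timestamp, result, user), ...]} for every attempt
    against a retired name. Success or failure both count, because no
    legitimate user or service should still reference these names."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not parse
        ts, result, user, src = m.groups()
        if bare_account(user) in retired:
            hits[src].append((ts, result, user))
    return dict(hits)

if __name__ == "__main__":
    for src, events in sorted(find_decoy_logons(SAMPLE_LOG).items()):
        print(f"ALERT {src}: {len(events)} attempt(s) on retired admin names")
        for ts, result, user in events:
            print(f"  {ts} {result} {user}")
```

Ordinary failed logins for real users (the `jsmith` line) are deliberately ignored, so the alert stays low-noise: it fires only on names nobody should be using.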


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com