Choose to ignore it and you’ll pay later (just ask the city of Atlanta)
In March of this year, the City of Atlanta found out the hard way what failing to do a security check-up can mean. The city was hit with the SamSam ransomware, which created an encrypted wall that prevented employees from accessing needed data. It ground city services to a halt. The city couldn’t collect parking fines or receive payments for city services. The cyber attackers threatened to wipe the city’s computers clean unless the city paid the bitcoin ransom. It’s hard to determine if they paid it, but, regardless, it took weeks to bring all of the services back online. The resultant hard and soft costs were significant.
Let’s be honest, getting a check-up of any kind isn’t the type of thing you look forward to. But getting those “all-clear” results is well worth the stress leading up to the event. And here’s the great news about conducting an IT security check-up for your organization: if something is exposing your network, you’ll be able to address it before it becomes a bigger problem, and get the satisfaction of an all-clear diagnosis.
The Security Check-Up―not hard, but critically important
Other than the first bullet point listed below, the following key elements that need to be included in a security check-up are not in order of importance. Training is listed first because, well, the biggest security threat to companies comes from the actions or inactions of their employees. That’s not to say that employees are operating in a purposeful, deviant manner (hopefully not), but they’re the ones who offer most of the unintentional gaps and access points that expose organizations to ransomware, malware, Trojans, et al.
Implement security awareness training
Create policies concerning network security, provide accompanying training, and heavily stress the importance of strictly adhering to them. For every employee (and there could be hundreds) who rolls their eyes at what might seem like commonsensical security training, all it takes is that one individual who doesn’t pay attention. Make sure users ask themselves, prior to opening a link or attachment:
- Do I know the sender?
- Do I really need to open this link or file?
If they don’t consider these questions, your organization could be ripe for the picking―or phishing.
Is Antivirus installed and up-to-date?
If it’s not (and this means for all endpoints), you’re ignoring one of the first lines of defense. But relying on it alone means your check-up will be grossly inadequate.
Whether via the cloud or on local storage devices, make sure all data is backed up, and on a regular basis. Sure, this sounds like security “duh”, but the number of companies that don’t adhere to this critical security element is staggering. And today’s technology, such as flash storage, makes backing up data simple and fast (hence the name flash). Flash storage is based on high-speed, electrically programmable memory, and is a form of non-volatile memory that doesn’t require power to maintain its stored data. Flash storage is more durable, and not as susceptible to bumps and drops, which means data is stored and maintained more securely.
Create Group Policy (GPO) restrictions
Creating GPO restrictions is often overlooked, but shouldn’t be, especially considering they’re simple and easy to implement. As an example, GPO restrictions can provide control over the execution of files, such as those from employees’ APPDATA directories. GPO restrictions can identify software programs running on computers, then control whether those applications can or cannot run.
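As an added example (not from the original article), the PowerShell below shows one way to put the APPDATA restriction described above into practice with AppLocker, which is deployed through Group Policy. The choice of AppLocker, the rule names, the GUIDs and the temp file name are assumptions made for illustration.

```powershell
# Added example; AppLocker, the rule names, GUIDs and file name are assumptions.
$policyXml = @'
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
    <!-- Once a collection has rules, anything no Allow rule covers is blocked,
         so the usual install locations are allowed explicitly. -->
    <FilePathRule Id="11111111-1111-1111-1111-111111111111" Name="Allow Program Files"
                  Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="22222222-2222-2222-2222-222222222222" Name="Allow Windows"
                  Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
    </FilePathRule>
    <!-- Deny wins over Allow: nothing under a user's AppData may execute. -->
    <FilePathRule Id="33333333-3333-3333-3333-333333333333" Name="Deny AppData"
                  Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="%OSDRIVE%\Users\*\AppData\*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
'@
$policyPath = Join-Path $env:TEMP 'applocker-appdata-audit.xml'
Set-Content -Path $policyPath -Value $policyXml -Encoding UTF8

# Dry run before deployment: which executables already sitting in this user's
# AppData would the policy deny? These are the apps to review or relocate.
$exes = Get-ChildItem -Path $env:APPDATA, $env:LOCALAPPDATA -Filter *.exe `
            -Recurse -File -ErrorAction SilentlyContinue
if ($exes) {
    Test-AppLockerPolicy -XmlPolicy $policyPath -Path $exes.FullName `
        -User Everyone -Filter Denied
}

# Once the policy is applied in audit mode, event ID 8003 records each
# executable that would have been blocked under enforcement.
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' `
    -FilterXPath '*[System[EventID=8003]]' -MaxEvents 50 `
    -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```

AppLocker evaluates rules only while the Application Identity service (AppIDSvc) is running. Changing EnforcementMode from AuditOnly to Enabled turns the logged decisions into actual blocks, so review the audit results first.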
Don’t ignore the latest security patch updates for third-party applications, such as Adobe, Java and Flash. They’re pushed out to customers for a reason: they work. Heed the warnings. If you choose to ignore them, well, you might have a lot of explaining to do in the future.
Don’t provide administrative rights willy-nilly. Provide them to a few, select individuals. Not providing them to certain employees might subject you to stink eye, but they’ll get over it. Getting over a security breach will take a lot longer, and remediation could tap into budgets that were earmarked for important initiatives and projects that will have to be put on hold, or even cancelled. And doling out admin rights piecemeal might feel restrictive, but even when they’re granted one at a time, they can really add up over the months or years.
Security Questions? Turn to the Experts
Conducting a security check-up might not sound exciting, but it’s a pay-me-now-or-pay-me-later scenario. That’s why talking to experts like the security analysts at GDT is probably your best course of action. They manage GDT’s 24x7x365 Security Operations Center (SOC) and oversee the network security of some of the most noted enterprise organizations and government entities in the world. Contact them today at firstname.lastname@example.org. They’d love to hear from you.