Create a security policy that includes a section about password guidelines (key length, use of special characters, periodic expiration of keys, account lockout policy, etc.).
Enable auditing services at the operating system level in end-user devices, servers and communications equipment and use log correlation software to perform event monitoring.
Restrict the Administrator and root accounts so that they cannot log on over the network, only physically at the computer console.
Use port security and admission control (NAC) on networking devices so that only authorized users can connect to the network.
Replace insecure protocols that send information in plain text, such as HTTP, SMTP, TELNET and FTP, with their secure counterparts, which use digital certificates and encryption for transmission: HTTPS, SMTP over SSL/TLS, SSH, SFTP, etc.
Configure the switches to detect gratuitous and unauthorized ARP traffic and other known attacks, and to react to port violations by taking the appropriate action and reporting the event.
Implement secure authentication protocols on wireless equipment and isolate wireless segments from other internal subnets using intelligent next-generation firewalls.
Configure intelligent next generation firewalls and other network devices to block attacks.
Use network and security management software for threat detection, vulnerability assessment and automatic response to events.
Design and implement an Information Security Policy based on the ISO 27000 standard.
Implement awareness campaigns about good information security practices for end users.
Train staff from the IT and related departments about information security and specialized topics such as ethical hacking, computer forensics and defense mechanisms.
Define profiles for IT personnel and establish which international information security certifications staff must obtain according to their position.
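As an added example that is not part of the original list, the following POSIX shell script checks a Linux host against two of the items above: the restriction that root must not log on over the network (PermitRootLogin in sshd_config) and the periodic password expiration from the password guidelines (PASS_MAX_DAYS in login.defs). The 90-day threshold and the function names cfg_value and audit_host are assumptions made here; the list itself sets no numbers.

```shell
#!/bin/sh
# Added compliance check (not from the original document): audits an
# sshd_config and a login.defs against two items of the list above: the
# root network logon restriction and the password expiration guideline.
# The 90-day expiry threshold is an assumption; the text gives no number.

# cfg_value FILE KEY first|last: print the value of KEY, skipping comments.
# sshd honours the first occurrence of a keyword; for login.defs the last
# occurrence is taken (assumed to override earlier ones).
cfg_value() {
    awk -v key="$2" -v mode="$3" '
        $0 !~ /^[[:space:]]*#/ && tolower($1) == tolower(key) {
            if (mode == "first") { print $2; exit }
            val = $2
        }
        END { if (mode == "last" && val != "") print val }
    ' "$1"
}

# audit_host SSHD_CONFIG LOGIN_DEFS: one PASS/FAIL line per check; the
# return value is the number of failed checks, so 0 means compliant.
audit_host() {
    fails=0
    # Unset means OpenSSH's default prohibit-password, which still allows
    # key-based root logon over the network, so only an explicit "no" passes.
    root_login=$(cfg_value "$1" PermitRootLogin first)
    if [ "$root_login" = "no" ]; then
        echo "PASS root cannot log on over the network (PermitRootLogin no)"
    else
        echo "FAIL PermitRootLogin is '${root_login:-unset}', expected no"
        fails=$((fails + 1))
    fi
    max_days=$(cfg_value "$2" PASS_MAX_DAYS last)
    if [ -n "$max_days" ] && [ "$max_days" -le 90 ] 2>/dev/null; then
        echo "PASS passwords expire every $max_days days"
    else
        echo "FAIL PASS_MAX_DAYS is '${max_days:-unset}', expected 90 or less"
        fails=$((fails + 1))
    fi
    return "$fails"
}

# Constructed sample files standing in for a non-compliant host.
dir=$(mktemp -d)
printf '# comment\nPermitRootLogin yes\nPermitRootLogin no\n' > "$dir/sshd_config"
printf 'PASS_MAX_DAYS\t99999\n' > "$dir/login.defs"
audit_host "$dir/sshd_config" "$dir/login.defs" || echo "$? finding(s)"
rm -r "$dir"
```

To audit a live host, call audit_host with /etc/ssh/sshd_config and /etc/login.defs instead of the constructed samples.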