System Security: 5 Ways to Improve Your Defenses Against Attack

A former Air Force CIO highlights practical ways to improve system and network security

Mon, June 29, 2009, CIO

Gaining attention for advocating a practical shift in how IT leaders think about security, the Consensus Audit Guidelines offer 20 controls to measure and monitor IT-system and network security. Though worries about increased cost often accompany any notion of improving security, John Gilligan, a consultant who developed the guidelines, says he implemented a subset of the controls when he was the Air Force CIO (from 2001 to 2005) and saved money on IT and risk management. Gilligan's recommendations include:

1) Know your network. Inventory all devices on your network with an asset recovery tool. Record network addresses, machine names, the purpose of each device and the person responsible for it. Encrypt this information. Likewise, devise an encrypted list of software authorized to run on your network. Periodically test your software inventory tool by deploying new software to see when it's detected. Note the delay; that's a vulnerable time.



2) Test and verify. Document and test security settings on system images before deploying laptops, workstations and servers. Sample systems once a month to see that settings are correct. Store master images on secured servers or offline machines.

3) Seize control. At network connection points, implement filters to allow use of only those ports and protocols with a documented business need. Use two-factor authentication and encrypted sessions on all network devices. Require people logging in remotely to use two-factor authentication, too.

4) Be suspicious. Set audit logs to record dates, time stamps and source and destination addresses for each piece of software. Devise profiles of common activity and tune logs to look for anomalies. Deploy firewalls to look for common Web attacks. Test source code for malware and backdoors before deploying.

5) Watch your back. Run vulnerability scans at least weekly (preferably daily). Compare sequential scans to ensure previous problems were addressed. Install critical patches within a week. Report daily on locked-out and disabled accounts, as well as accounts with passwords set to never expire or with passwords exceeding maximum age. Get explanations for these accounts. Check machines daily and push out updates for malware protection.
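
One way to carry out the "compare sequential scans" and "critical patches within a week" checks from item 5, as an added example that is not from the article or the guidelines. The scan layout, host names and finding ids are constructed for illustration; a finding on a host that was not rescanned is reported as unverified rather than fixed.

```python
from datetime import date

# Constructed sample scans; host names and finding ids are made up.
SCANS = [
    {"date": date(2009, 6, 1), "hosts": {"web01", "db01", "mail01"},
     "findings": {("web01", "VULN-A"): "critical",
                  ("web01", "VULN-B"): "medium",
                  ("db01", "VULN-C"): "critical",
                  ("mail01", "VULN-E"): "high"}},
    {"date": date(2009, 6, 9), "hosts": {"web01", "db01"},  # mail01 offline
     "findings": {("web01", "VULN-A"): "critical",
                  ("db01", "VULN-D"): "high"}},
]
CRITICAL_PATCH_WINDOW_DAYS = 7  # the article's "within a week"


def compare_scans(previous, current):
    """Classify findings between two sequential scans."""
    prev, cur = previous["findings"], current["findings"]
    gone = [k for k in prev if k not in cur]
    return {
        "persisting": sorted(k for k in cur if k in prev),
        "new": sorted(k for k in cur if k not in prev),
        # A finding only counts as fixed if its host was actually rescanned.
        "fixed": sorted(k for k in gone if k[0] in current["hosts"]),
        "unverified": sorted(k for k in gone if k[0] not in current["hosts"]),
    }


def overdue_critical(scans, window_days=CRITICAL_PATCH_WINDOW_DAYS):
    """Critical findings in the latest scan that have stayed open too long."""
    first_seen = {}
    for scan in scans:  # scans must be in chronological order
        # Keep the first-seen date while a finding is still reported, or
        # while its host was skipped; drop it once a rescan shows it gone.
        first_seen = {k: d for k, d in first_seen.items()
                      if k in scan["findings"] or k[0] not in scan["hosts"]}
        for key in scan["findings"]:
            first_seen.setdefault(key, scan["date"])
    latest = scans[-1]
    return sorted(k for k, sev in latest["findings"].items()
                  if sev == "critical"
                  and (latest["date"] - first_seen[k]).days > window_days)


if __name__ == "__main__":
    for label, items in compare_scans(SCANS[0], SCANS[1]).items():
        print(label, items)
    print("overdue critical:", overdue_critical(SCANS))
```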

For more details about these and the rest of the guidelines as well as an explanation of how attackers exploit the lack of each control, visit www.gilligangroupinc.com.
