Today, I came across a thought-provoking post from Tony Carothers on the danger of making assumptions when it comes to IT security. The takeaway was simple and straightforward: “Do not assume that because a company has been in business for ‘x’ years, or they are the hottest product on the market, that it is backed by solid security. That is an assumption that can cost. Dearly.”
IT security is top of mind with nearly every business, and as an IT service provider it’s your job to protect your customers’ data and ensure the business is secure from external and internal threats and vulnerabilities. It’s easier said than done, but here are a few best practices from the Intronis Partner Support Team that will help you better protect and serve your customers:
- Antivirus: Make sure you not only use one (and only one!), but also that it is actually set to run. Disable the option to cancel a scan if you must, and schedule scans at least once a week, if not more often.
- Firewall: It’s not good to have everything open, but you’re going to be in just as much pain if it’s overly restrictive. Find out what you and your clients absolutely need to have open (ports/IPs/addresses) and be smart about configuring things.
- Web Filter: This is a good secondary protection against anything even hitting your system. Like a firewall though, it only works if it is properly configured.
- Updates: Have a schedule for running them, and stick to it. An unpatched system can be critically vulnerable to an outside attack (current estimate for an unpatched Windows XP system: under 10 minutes from first boot to cracked wide open). This goes not only for Windows but also for third-party software. Make sure you are running the latest version you can afford. We understand that not everyone can run the ‘latest and greatest,’ but even older versions get patched to a certain point. Run that point.
- Backup: When all else fails, as it inevitably will, you will need to restore from backup. Make sure it is available, make sure it is working, and make sure you can restore from it. As the saying goes, if you can’t restore, you’re not backing up. Regular and spot restore tests will ensure that your backups are working fine and you can have confidence in your solution.
- User education: You can harden your systems entirely and do everything perfectly, but none of it will help if an end user opens that one email with the obfuscated EXE that looks like a PDF. The SANS Institute has a good resource here, as does anything run by Kevin Mitnick (who is probably the most well-known social engineering artist in the world and a former black-hat himself). The point to hit here is that the user is the weakest link, and most users will not recognize their own faults.
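
The spot restore test from the Backup item above, as an added example (not code from the original post or from Intronis): it restores a random sample of files from a backup into a scratch directory and checks each against a SHA-256 manifest written at backup time. The tar.gz archive, the JSON manifest and the function names `make_backup` and `spot_restore_test` are assumptions standing in for whatever backup product is actually in use.

```python
import hashlib, json, random, shutil, tarfile, tempfile, zlib
from pathlib import Path

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def make_backup(src_dir, archive, manifest):
    """Hypothetical stand-in for the real backup job: tar.gz plus a hash manifest."""
    src = Path(src_dir)
    hashes = {p.relative_to(src).as_posix(): sha256_file(p)
              for p in sorted(src.rglob("*")) if p.is_file()}
    with tarfile.open(archive, "w:gz") as tar:
        for rel in hashes:
            tar.add(src / rel, arcname=rel)
    Path(manifest).write_text(json.dumps(hashes))
    return hashes

def spot_restore_test(archive, manifest, sample_size=3, seed=None):
    """Restore a random sample to a scratch dir; return {path: reason} for failures."""
    expected = json.loads(Path(manifest).read_text())
    sample = random.Random(seed).sample(sorted(expected), min(sample_size, len(expected)))
    failures = {}
    with tempfile.TemporaryDirectory() as scratch:
        for i, rel in enumerate(sample):
            out = Path(scratch) / f"restored_{i}"  # flat name, never a path from the archive
            try:
                with tarfile.open(archive, "r:gz") as tar, open(out, "wb") as dst:
                    stream = tar.extractfile(tar.getmember(rel))
                    if stream is None:
                        raise tarfile.TarError("not a regular file")
                    shutil.copyfileobj(stream, dst)
            except KeyError:  # getmember(): file is in the manifest but not the archive
                failures[rel] = "missing from backup"
            except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
                failures[rel] = f"restore failed: {exc}"
            else:
                if sha256_file(out) != expected[rel]:
                    failures[rel] = "hash mismatch after restore"
    return failures

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed sample data
        root = Path(d); (root / "src").mkdir()
        (root / "src" / "ledger.csv").write_text("id,amount\n1,100\n")
        make_backup(root / "src", root / "b.tgz", root / "b.json")
        print(spot_restore_test(root / "b.tgz", root / "b.json") or "restore OK")
```

An empty result means every sampled file restored and matched; any entry is a reason to distrust the backup before it is needed. Keep the manifest somewhere other than next to the archive, so damage to one does not silently take the other with it.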