Small companies can not afford to create the march of the security department. From what you should start?
Any organization that intends to build their environment in a safe, should start from the basic issues. First you need to take care of the backup copy. The organization should implement a policy of performing backups, make sure to be reliable. The effectiveness of backup should be tested in practice, making sure that the most important information from this backup, you can play, if needed. The recovery process needs to go even in the event of a fire that destroyed the corporate office. That means backups to a remote location. In one way or another – a copy must be done to be able to use it. These are the basics, so that the company can still work.
See also:
What is the next step?
The second stage is the process of updating the software. The company must be sure that the process works system and application updates and fixes are made. The process must include not only the workstations and client systems in the office. It must also apply to smartphones, tablets, servers or routers. Make sure that they work for the latest operating systems and applications, with all available security updates on any device. Only when both the company solve basic problems can think of safety equipment such as virus protection, firewalls and intrusion detection systems and prevention network. This is not the most important – important are the basics, such as backups and updating.
These are the basics, but small companies often simply do not know how to go about it.
For all the policies are necessary, for example. perform backups. Must be written, tested and observed. This applies to all aspects of security in the organization. Assumptions security policy must cover all.
What is the next step? How does an organization that already has implemented the base, has to deal with the threats?
The company must monitor your network, both the movement and the attached devices, and detect any changes. The company wants to detect deviation from the norm, and therefore needs to know the condition called normal. Monitoring should be pointed out that a normal day, at a given time we have this kind of network traffic, the amount of data passing to and from the locations in the network. When a company has a pattern of normal traffic, can detect anomalies, deviations from the pattern. On the basis of these findings it can be concluded about the possible events. Then you will be wondering why this laptop sends to China in the chair. 2. in the night – and this is not normal. The detection of anomalies similar to the time it is impossible to have a normal pattern by network activity.
How can then detect malicious software, which is now a real scourge?
This is a known problem. Malware analyze more than 25 years and we know how to do it.
Is it that simple?
In theory, a simple problem, but in practice Detection is difficult because the attackers have access to all the weapons that we can use. When someone prepares today malware, first retrieves all available anti-virus programs. After writing malware attackers check them before deployment, making sure it will not be detected. If the antivirus software detects the virus, developers begin to change the code in a way that was not detected. The attackers have almost unlimited time to search and bypassing security measures in companies. Meanwhile, we who care about security companies, we do not have unlimited time to detect and block malware threats. A clash between virus writers and defenders is not fair, because the attackers have access to the tools used in the defense.
What in that case would you recommend to companies doomed to an unequal battle?
First of all, you need to act. Security specialist cleaner is like – his actions do not see until it is. You might be wondering why so much money is going to clean up, since everything is clean. When you reduce the budget, it turns out that here and there begins to be dirty. The same applies to safety. It is said, hey, we do not have problems with viruses, then why do we need anti-virus? If it does not, the problems with malware appear.
How to solve problems with the budget?
Budgeting is not easy. There can be no common sense in protecting information through the firewall for $ 1 million, if the same information is worth 0.5 million. The process begins with an assessment of the value of their resources and assess risks. You must specify from whom the company needs to defend itself, and how the organization stands out from the others. Who is the enemy? With what risks we face? Who will be the aggressor? These questions need to ask anyone before begin considering a defense strategy. First, you need to assess the risk.
No comments:
Post a Comment