15/08/2021
Securia wishes you a HAPPY 75th INDEPENDENCE DAY !
Here are some proactive measures that you can take to secure your office, work-locations & remote working:
1. Legitimate Software:
- Always prefer using licensed software
- Only allow trusted & white-listed applications to run on your computers
- Disable MS-Excel Macros & allow Flash / Java only when required
- Always use a trusted website / source to download & install software programs
- Make sure that software, operating systems & smartphones are running on latest updates
2. Password Policy:
- Make sure to use strong passwords with upper-lower case characters & special characters
- Replace default passwords with unguessable passwords
- Change the passwords time-to-time & do not keep them written anywhere or share them with anyone
- Enable 2-factor Authentication wherever possible
3. Hardware Security:
- Protect your hardware from physical hazards such as water leakage, unwanted heating & cooling, unwanted USB device connection, robbery etc
- Implement survelience / CCTV monitoring
- Replace outdated hardware
- Make sure that none of the internal networking cables are extended outside the office premises & access to the internal nerwork is provided through these cables only where required.
4. Endpoint Protection:
- Install a good antivirus software that has anti-malware capabilities & system monitoring features to protect your computers
- Install a firewall with capability of gateway antivirus & network activity monitoring
5. Wi-Fi Security:
- Make sure to disable WPS & broadcasting in your WiFi router
- Make sure to configure MAC filtering & device whitelisting in your WiFi router
- Avoid using any publicly available WiFi for conducting important business activities
6. Access Control:
- Do not continue providing access to data, systems & network to the people who don't require it anymore
- Monitor the access that is given to contractors, service providers & third-parties
- Do not provide Administrative access to anyone unless required
- Limit & control the access that is given to certain people
7. Backups:
- Implement & maintain the backup of all your business critical data on-site & off-site
- Consider having backups with cold & incorruptible techniques
- Having a daily / hourly backup is always beneficial
8. Bring-Your-Own-Devices:
- List the staff / users who are their own devices for official work. Allow only a specific users to use their own devices
- Make sure that the users have a seperate account on their own device for doing official activities
- Make sure that these devices are clean & have gone through in-depth scanning & analysis regarding usage of genuine operating system, usage of only the allowed apps & software, usage of strong antivirus etc
9. Protection Against Phishing:
- Do not open & respond to any unknown, unwanted, suspecioud & unexpected emails
- Any communication that creates a false feeling of urgency & requires you to respond quickly should be cross-checked
- Use anti-malware, anti-spyware & email filtering programs
- Educate staff & top-level mamangement regarding recognising a legitimate communication & falsified communication.
10. Protection Against Ransomware:
- Cross-check any ".exe" file that is executed with Administrative access
- Backup your data regularly
- Use latest update & signature for your anti-malware software
- Keep your software & operating system up-to-date
- Do not allow downloading & installation of software programs from untrusted sources, illegitimate URLs & drive-by links
11. Protection Against Hacking:
- Conduct Vulnerability Assessment & Pe*******on Testing of your website, web-based applications, internal & external network etc. regularly
- Enhance your IT infrastructure with end-to-end encryption & access control
12. Protecting Against Data Leakage:
- Allow access to important & critical business data only to authrized people after approving what, why, how & when the access is required
- Make sure that you store critical business data at secure locations internally, externally or on cloud
- Do not allow transportation of important business data on external storage drives unless it is a dire emergency
13. Protection Against Insider Threat:
- Upgrade to Zero-trust Environment
- Monitor all the users who have access to the data, systems & network
- Make sure that access to former employees is discontinued & access to contractors, service providers, partners is not misused
- Keep a close eye on changes made to data, files, systems, sensitive information & configurations are legitimate
14. Monitoring
- Monitor the network, systems, users, activities, changes & system logs continuously
- Monitor the usage of IT resources
15. Training & Awareness
- Make sure that the staff & employees get trained properly for using the IT resources securely
- Generate awareness towards cybersecurity within the users
Feel proud of being a part of such a wonderful & glorious nation!
