Archive for May, 2009

How good are you at utilizing your Vulnerability Management program?

Here is our take on making the most of your vulnerability management system.

Act right away!

As much as people like to document their scan results in reports and refer to them in board presentations, do not loose focus on the primary objectives of these results…..Patch those vulnerabilities NOW. It is unintelligent … to say the least, to have discovered vulnerabilities but to leave the patching for a later date. And speaking of documenting, try to maintain a certain degree of privacy with your vulnerability findings while limiting access to your findings to relevant personnel only.

Patching and thinking you are protected?

Patching should only be a part of your defense strategy. Patching generally mitigates risk caused by faulty or sloppy programming codes, which are relatively easy to identify using automated techniques. The trickier aspect of information security involves logical errors, which  arise due to acute lapses in configuration settings and parameters of the myriad of devices present on networks.

Protecting yourself from Zero day attacks…

Zero day attacks are quite understandably the worst fears of any security professional. While you cannot predict what the future has in store for your network, there are certain practices that will minimize the potential of your systems being targeted.

–          Harden your systems

–          Use heuristic protection based Anti viruses.

–          Deny the irrelevant and only allow least privilege to those you permit

–          Finally, educate users to be wary of unsolicited and suspicious email attachments.

A Vulnerability Management System is only as strong as its policies…

The strongest Vulnerability Management programs are always characterized by their elaborate policies. Policies help you regulate the operational effectiveness of your corporate infrastructure. Policies drive your users to

–          Practice better password conventions.

–          Bring in the use of encryption in official emails.

–          Create a realization that security is everyone’s responsibility.

–          Regularize the use of firewalls and antivirus programs.

–          Familiarize people with the risks associated with social media

–          Ascertain the confidentiality of organizational data and prevent instances of data leakage.

, , ,


Fired Employees Leaving With More Than Just Experience

With rampant downsizing in most organizations, corporations now face new frontiers in their efforts in keeping their data secured.

Uncertainty amongst employees leads to more dubious behavior. With most of today’s security products designed to counter external threats, how do you keep the EVIL WITHIN from jeopardizing your security and compromising the sanctity of your data?

Recent surveys conducted by (but not limited to) Symantec and Ponemon indicate that employee exodus has also resulted in tons of sensitive data being leaked out as well. The survey conducted around a thousand participants revealed that an overwhelming majority of employees took a copy of their work with them. According to the survey, CDs remained the most popular mode of sneaking out data with confessions from 53 percent of the participants. Next inline were USBs which had been used by another 43 % while 38% said that they had used Email.

While the more benign of the lot may just keep it as apart of their memory, the more enterprising may have other wily ideas.

, ,


A Matter of Trust

Another commonly raised point related to DLPs, usually by indignant employees is “don’t you trust us?”

It is necessary to elaborate that implementation of a DLP does not necessarily imply lack of trust in employees, in fact it’s there to prevent against any accidental losses. Studies analyzing recent data leakages indicate that a vast majority of disclosures are unintentional and may be attributed to the lack of awareness amongst employees. A majority of instances of leakage scenarios can be traced back to lost USB storage devices or stolen laptops. Social networking sites, blogs and the increasing use of wikis is contributing to incidences of both incidental and intentional leakages.

It is under these scenarios that the implementation of a DLP starts to make sense, prevent malpractices, before they can actually hurt.

, , , , , ,


Copyright © Rewterz. All rights reserved.