Here is our take on making the most of your vulnerability management system.
As much as people like to document their scan results in reports and refer to them in board presentations, do not lose focus on the primary objective of these results: patch those vulnerabilities NOW. It is unintelligent, to say the least, to have discovered vulnerabilities but to leave the patching for a later date. And speaking of documenting, keep your vulnerability findings reasonably private and limit access to them to relevant personnel only.
Patching should be only one part of your defense strategy. Patching generally mitigates risk caused by faulty or sloppy code, which is relatively easy to identify using automated techniques. The trickier aspect of information security involves logical errors, which arise from lapses in the configuration settings and parameters of the myriad devices present on networks.
Zero-day attacks are, quite understandably, the worst fear of any security professional. While you cannot predict what the future has in store for your network, there are certain practices that will minimize the chance of your systems being targeted:
– Harden your systems.
– Use antivirus software with heuristic-based protection.
– Deny whatever is irrelevant, and allow only least privilege to those you permit.
– Finally, educate users to be wary of unsolicited and suspicious email attachments.
The strongest vulnerability management programs are always characterized by their elaborate policies. Policies help you regulate the operational effectiveness of your corporate infrastructure. Policies drive your users to:
– Practice better password conventions.
– Use encryption in official emails.
– Realize that security is everyone’s responsibility.
– Make regular use of firewalls and antivirus programs.
– Become familiar with the risks associated with social media.
– Ensure the confidentiality of organizational data and prevent instances of data leakage.