The office has been disinfected, the work surfaces have been rearranged, and now we can begin to return to working in the office. But has the company planned for the IT security challenges? Tab Bradshaw, Chief Operating Officer at Redpoint Security, has compiled a list he calls his "Essential 8" critical steps to take when returning to the office.
HOW TO PREVENT MALWARE DELIVERY AND EXECUTION:
1. Application Control
Application control prevents the execution of unauthorized or malicious programs, including .exe files, DLLs, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers. This prevents all unauthorized applications (including malware) from being run by employees.
2. Configuring Microsoft Office Macro Settings
When these Microsoft Office settings are configured, they block macros from the Internet and only allow controlled macros that are either in 'trusted sites' with restricted write access or digitally signed with a trusted certificate. If not, Microsoft Office macros can be used to deliver and run malware on systems.
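One way to audit the macro settings described in item 2 on a Windows workstation, as an added example that is not part of the original article. It assumes Office 2016 or later (registry version key 16.0) with macro settings delivered through Group Policy to the per-user policy hive, and it checks only Word, Excel and PowerPoint.

```powershell
# Added example: audit the Office macro policy values for the current user.
# Assumption: Office 2016 or later (version key 16.0), settings set by Group Policy.
$apps = 'Word', 'Excel', 'PowerPoint'
$base = 'HKCU:\Software\Policies\Microsoft\Office\16.0'

# VBAWarnings: 1 = enable all macros, 2 = disable with notification,
#              3 = disable all except digitally signed, 4 = disable all without notification
$acceptableVbaWarnings = 3, 4

$results = foreach ($app in $apps) {
    $key   = Join-Path $base "$app\Security"
    # A missing key means the policy is not configured; treat that as non-compliant.
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    $blockInternet = if ($null -ne $props) { $props.blockcontentexecutionfrominternet } else { $null }
    $vbaWarnings   = if ($null -ne $props) { $props.VBAWarnings } else { $null }

    $findings = @()
    if ($blockInternet -ne 1) {
        $findings += 'macros in files from the Internet are not blocked by policy'
    }
    if ($acceptableVbaWarnings -notcontains $vbaWarnings) {
        $findings += 'unsigned macros are not disabled by policy'
    }

    [pscustomobject]@{
        Application         = $app
        BlockInternetMacros = $blockInternet
        VBAWarnings         = $vbaWarnings
        Compliant           = ($findings.Count -eq 0)
        Findings            = $findings -join '; '
    }
}

$results | Format-Table -AutoSize -Wrap

# When run as a script file, a non-zero exit code lets a scheduled task
# or management agent flag the machine for follow-up.
if ($results.Compliant -contains $false) { exit 1 }
```

Run it in the context of the user being audited, because the values are read from that user's policy hive.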
3. Patch Applications
Applications to patch include Flash, web browsers, Microsoft Office, Java, and PDF viewers. Before use, patch notebooks with "extreme risk" vulnerabilities within 48 hours. Be sure to use the latest version of applications, as security vulnerabilities in applications can be used to run malware on systems.
4. User Application Hardening
User application hardening configures browsers to block Flash, ads, and Java on the Internet. Applications like these are popular ways to deliver and run malware on systems. Be sure to disable unnecessary features in Microsoft Office (such as OLE), browsers, and PDF viewers.
HOW TO LIMIT THE SCOPE OF CYBER SECURITY EVENTS:
5. Restrict administrative privileges
Administrative privileges for operating systems and applications should be re-evaluated based on user data. After the initial review, you must regularly reconsider the need for privileges. Do not use privileged accounts for reading email or browsing the web, as administrator accounts are "the keys to the kingdom". Opponents will try to use these accounts to gain full access to information and systems.
6. Multifactor authentication
Multifactor authentication should be required for VPN, RDP, remote access and for all users when performing a privileged action or accessing important (sensitive / high availability) data. Stronger user authentication makes it more difficult for opponents to access sensitive information and systems.
7. Patch Operating System
Operating system security vulnerabilities could be used to further compromise systems. Patch computers (including network devices) with "extreme risk" vulnerabilities within 48 hours. Be sure to use the latest version of the operating system and check that the version is supported.
HOW TO RESTORE DATA AND SYSTEM AVAILABILITY:
8. Daily backups
Daily backups of new or changed data, software, and configuration settings should be stored and retained for at least three months. To ensure that information can be accessed after a cyber-security incident (such as a ransomware incident), test the restore initially, annually, and when the IT infrastructure changes.
Remember that returning to the office requires many risk management measures. Do not forget to take care of IT security. The tips offered here are intended to supplement and not replace the equipment manufacturer's recommendation.
Blog provided by:
© 2020 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved.