A ten-step strategy for building your own security inspection mechanism

In the past ten years, the explosive growth of networked applications has meant that almost every company, from the world's top 500 firms down to shops with only a few people, now depends on IT to some degree.

Every company has valuable IT assets, such as computers, networks and data. To protect these assets, enterprises large and small need their own independent security review mechanism, so that they can promptly discover the security issues they face and know how to deal with the risks.

The following ten suggestions explain how to carry out a basic IT inspection. They are not as thorough as a review done by professionals, but they will get you started on the road to protecting your security.

1. Define the scope of the security review: list your assets and the security boundary
The first step in a security review is to make a list of computer assets, so that you know what needs to be protected. Listing tangible assets such as computers, servers and folders is simple, but listing intangible assets is not so easy. Defining the scope of the review helps keep the list of intangible assets consistent.

What is the scope of security review
The scope of a security review is both a physical and a conceptual boundary. The review focuses only on what lies inside that boundary; anything outside it is not part of the review. Deciding the final scope is up to you, but generally the scope should be kept to the minimum, covering only the assets necessary to control the security of your enterprise.

Assets to consider
Once you have decided on the security scope, the next step is to complete the asset list. Consider every potential asset and decide whether it belongs inside the security scope. In general, the following assets must be included in the list:

1. Desktops and notebooks
2. Router and network tools
3. Printer
4. Video, whether digital or analog, and photos containing sensitive company data
5. Sales data, customer information data, and employee information data
6. Company smartphones and PDAs
7. VoIP phones, IP PBX (IP private branch exchange) systems and related servers
8. VoIP or ordinary phone call records
9. Email
10. Logs of employees' daily work arrangements and activities
11. Web pages, especially those that collect user information or use server-side scripts to query databases
12. Web server
13. Surveillance video
14. Employee access card
15. Access points (such as scanners for access control systems)

This list does not cover every asset, so think carefully about any data that is not yet included. The more detailed the asset list, the better; it will help you recognize more accurately which computers and data are at risk.

2. Establish a "danger list"

Knowing your assets is not enough to protect them; you also need to know what threats they face. This step enumerates the risks you may face at this stage.

What risks should be included?

If your list of hazards is too general, small but real security issues get lost, so pay special attention to them. When deciding which risks belong on the list, weigh each one by its scale. For example, asking whether a hurricane could affect your server involves two considerations: the probability is small, but the damage if it happens would be fatal. Any risk that could affect your business belongs on the list, however small its likelihood.

What are the general "risks"?

The following common risks can be used as a reference when you build a risk list:

1. Computer and network passwords. Is there a record somewhere that contains everyone's password? How secure is the ACL (access control list)? Are the passwords currently in use strong enough?

2. Physical assets. Will desktops and laptops be taken out of the workplace by visitors or employees?

3. Records of physical assets. Do they exist? Are they backed up?

4. Data backup. Which virtual assets need to be backed up, how to back it up, where to put it, and who will manage it?

5. Network access logs. Is every access to data logged, recording who accessed it, when, and from where?

6. Access to sensitive customer information, such as credit card details. Who can access it? How is access control implemented? Can it be reached from outside the company network?

7. Customer list access. Can the customer database be reached through the website by a back door? Could it be hijacked?

8. Long-distance dialing. Is long-distance dialing restricted, or is all dialing unrestricted? Should it be restricted?

9. Email. Are spam filters properly configured? Do employees need training on spam and phishing email? Should email sent by the company avoid containing certain kinds of hyperlinks?

3. Learn from the past and predict future risks
At this stage you have compiled a list of current hazards, but what about risks that have not yet been discovered, or that have not yet developed? A good security check does not only deal with the present; it also needs to predict future risks.

Use history as a mirror
To predict the future, you first need to understand the history of past compromises. Many risks recur throughout history. Categorize past risks and put the related ones into your risk list; this gives you a more comprehensive understanding of your computer vulnerabilities.

Check security trends
It is helpful to understand some of the popular network security risks through the Internet and major security portals.

Work together
In the face of external risks, competitors often become each other's greatest asset. Building good relationships with competitors helps you gain a comprehensive view of cybersecurity risks and lets you share security threat information with them.

4. Security level classification
You now have a list of the risks the company faces and a list of the assets that need protecting, but these lists must be prioritized. In this step you determine which risks are the greatest, so that limited resources go where they matter most.

Use risk assessment and probability calculation
The greater the risk, the higher its security level. Risk is calculated with the following formula:

Risk = Probability × Hazard
That is, multiply the harm a threat would cause by the probability that it occurs. The result is the risk the enterprise faces.

Calculating probability
Probability is the likelihood that the danger actually occurs. Unfortunately, no book on the market teaches you how to calculate the probability of a website being hijacked, so you have to estimate it yourself.

The first step is a systematic study of the company's threat history, including the history of its adversaries and historical threat analyses from other companies. You will end up with an estimated figure. Generally speaking, the more accurate the estimate, the more accurate the risk assessment.

Calculating hazard
If the threat occurs, how much damage does it do? There are many ways to quantify the potential damage. You can convert the company's lost income and assets into a monetary figure, or calculate the labor cost of returning to normal operation. Whichever method you use, one thing is certain: the goal is to identify the most important security factors.

Develop a security threat response mechanism
Once the security level list is established, there are many ways to respond to each hazard. The six main response methods are listed below, but they are by no means the only ones.
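As an added example (not code from the original article), the following script applies the step 4 formula to a constructed risk register and ranks the entries. It also implements the step 2 rule that a risk whose hazard alone would be critical to the business stays on the list however small its probability. The risk names, probabilities and loss figures are constructed sample values, not data from any real company.

```python
"""Risk register built from the step 4 formula: Risk = Probability x Hazard.
Added example; the entries and figures are constructed, not from the article."""
from dataclasses import dataclass


@dataclass
class Risk:
    name: str
    asset: str
    probability: float   # estimated chance of occurring per year, 0.0 .. 1.0
    hazard: float        # estimated loss if it occurs, in currency units

    def __post_init__(self):
        # Reject nonsense estimates early; they would silently distort the ranking.
        if not 0.0 <= self.probability <= 1.0:
            raise ValueError(f"{self.name}: probability must be between 0 and 1")
        if self.hazard < 0:
            raise ValueError(f"{self.name}: hazard cannot be negative")

    @property
    def score(self) -> float:
        """Risk = probability x hazard (the article's formula)."""
        return self.probability * self.hazard


def prioritize(risks, min_score=100.0, critical_loss=100_000.0):
    """Rank risks by score, highest first.

    Risks scoring below min_score are dropped as noise, except those whose
    hazard alone reaches critical_loss: step 2 says a risk that could affect
    the business stays on the list however small its probability.
    """
    kept = [r for r in risks if r.score >= min_score or r.hazard >= critical_loss]
    return sorted(kept, key=lambda r: r.score, reverse=True)


def sample_register():
    """Constructed sample register (hypothetical figures)."""
    return [
        Risk("Web server hijacked through script flaw", "web server", 0.30, 80_000),
        Risk("Laptop stolen from office", "laptops", 0.50, 5_000),
        Risk("Hurricane floods server room", "servers", 0.0001, 500_000),
        Risk("Phishing leads to credential theft", "email", 0.60, 20_000),
        Risk("Printer paper jam", "printer", 0.90, 50),
    ]


if __name__ == "__main__":
    for r in prioritize(sample_register()):
        print(f"{r.score:>10.0f}  {r.name} ({r.asset})")
```

With the sample figures the web server compromise ranks first, the hurricane survives on the critical-loss rule despite a tiny probability, and the printer jam is dropped as noise.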

5. Perform network access control
Network access control (NAC) checks the security of every user who accesses the network. For example, if you find that competitors are using the company's internal website to steal your information, NAC is an excellent choice.

An effective part of NAC is the access control list (ACL), which determines which network resources are open to which users. NAC should also include the following: encryption, digital signatures, the ACL, verification of IP address and user name, and cookies for checking web access.

6. Use intrusion prevention
NAC mainly deals with unauthorized, uninvited guests; an IPS (intrusion prevention system) guards against more dangerous hackers.

The most common IPS is the second-generation firewall. Unlike first-generation firewalls, which rarely use content filters, second-generation firewalls add content filtering.

● Content-based. This kind of firewall performs deep packet inspection, that is, it fully examines application content to find out whether it is dangerous.

● Behaviour-based. Second-generation firewalls use more advanced analysis of website or network traffic and application content, so that abnormal conditions can be detected.
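The two bullets above describe content inspection and anomaly detection in general terms. The following added example (not code from the article or any firewall product) shows both on a small scale: one function compares an upload's declared MIME type against the leading bytes of the data it actually carries, and another flags request sources that burst beyond a rate threshold. The upload records and the access log lines are constructed samples.

```python
"""Content-based and behaviour-based inspection, in the spirit of the
second-generation firewall described in step 6.  Added example; the uploads
and log lines below are constructed samples, not data from the article."""
from collections import defaultdict

# Leading bytes ("magic numbers") that genuine files of each type start with.
MAGIC = {
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/jpeg": (b"\xff\xd8\xff",),
    "image/gif": (b"GIF87a", b"GIF89a"),
    "application/pdf": (b"%PDF-",),
    "application/zip": (b"PK\x03\x04",),
}
# Native executables should never arrive declared as an image or a document.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF")


def inspect_upload(declared_type, data, max_size=5_000_000):
    """Deep inspection of one upload: compare the declared MIME type with
    what the bytes actually contain.  Returns a verdict string."""
    declared = declared_type.split(";")[0].strip().lower()   # drop charset etc.
    if len(data) > max_size:
        return "oversize"
    if data.startswith(EXECUTABLE_MAGIC):
        return "executable"
    expected = MAGIC.get(declared)
    if expected is None:
        return "unknown-type"
    return "ok" if data.startswith(expected) else "mismatch"


def inspect_batch(uploads):
    """uploads: iterable of (name, declared_type, data).  Returns name -> verdict."""
    return {name: inspect_upload(ctype, data) for name, ctype, data in uploads}


def rate_anomalies(log_lines, window=10, threshold=15):
    """Behaviour-based check: return the sources that made more than
    `threshold` requests within any `window` seconds.
    Each line looks like '<epoch seconds> <source ip> <path>'."""
    times = defaultdict(list)
    for line in log_lines:
        ts, ip, _path = line.split(maxsplit=2)
        times[ip].append(int(ts))
    flagged = set()
    for ip, stamps in times.items():
        stamps.sort()
        start = 0
        for end in range(len(stamps)):          # sliding window over timestamps
            while stamps[end] - stamps[start] > window:
                start += 1
            if end - start + 1 > threshold:
                flagged.add(ip)
                break
    return flagged


def sample_uploads():
    """Constructed upload records for the demo (not real traffic)."""
    return [
        ("logo.png", "image/png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
        ("scan.pdf", "application/pdf; charset=binary", b"%PDF-1.7\n%..."),
        ("holiday.jpg", "image/jpeg", b"%PDF-1.4\n"),            # PDF declared as JPEG
        ("photo.gif", "image/gif", b"MZ\x90\x00\x03\x00\x00"),   # Windows binary declared as GIF
    ]


def sample_log():
    """Constructed access log: normal browsing from five hosts, plus one
    source (10.0.0.99) sending 20 requests within four seconds."""
    lines = [f"{1000 + i * 7} 10.0.0.{(i % 5) + 2} /index.html" for i in range(30)]
    lines += [f"{2000 + i // 5} 10.0.0.99 /login" for i in range(20)]
    return lines


if __name__ == "__main__":
    for name, verdict in inspect_batch(sample_uploads()).items():
        print(f"{name:12} {verdict}")
    print("rate anomalies:", rate_anomalies(sample_log()))
```

Magic-number checks catch only the crude mismatches shown here; a real content filter also parses the format itself, which is why the article pairs content inspection with the behavioural analysis in the second bullet.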

7. Use Identity / Access Management (IAM)

IAM simply means to control users' access to specific network resources. Under IAM management, users must first obtain permission to access resources. Once authorized, users can access authorized resources.

IAM is useful for managing employees' rights to access enterprise information. For example, if an employee tries to steal customers' credit card information, IAM is the best defense.
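Steps 5 and 7 both come down to the same mechanism: a user must hold an explicit permission for a resource before being granted access, and under step 5 the request must also come from an approved network. The following added example (not code from the article) implements that as a deny-by-default ACL check with an audit record of every decision. The users, groups, networks and resources are constructed for the demonstration.

```python
"""Deny-by-default access control covering step 5 (NAC / ACL) and step 7 (IAM).
Added example; users, groups, networks and resources are constructed."""
import ipaddress
from collections import namedtuple

Rule = namedtuple("Rule", "effect principal resource actions networks")
Decision = namedtuple("Decision", "allowed reason")

# Constructed group membership (in practice this comes from the directory).
GROUPS = {"alice": {"sales"}, "bob": {"it"}, "carol": {"finance"}}

# Constructed ACL.  Principals are "user:<name>" or "group:<name>"; networks
# restrict where the request may come from (the NAC part of step 5).
ACL = [
    Rule("allow", "group:sales",   "customer_db", {"read"},           ["10.1.0.0/16"]),
    Rule("allow", "group:finance", "customer_db", {"read", "export"}, ["10.2.0.0/16"]),
    Rule("deny",  "user:carol",    "customer_db", {"export"},         ["0.0.0.0/0"]),
    Rule("allow", "group:it",      "web_server",  {"read", "admin"},  ["10.0.0.0/8"]),
]

AUDIT_LOG = []   # every decision is recorded (step 2, item 5: access logs)


def _principals(user):
    """All principal names a user can match: themselves plus their groups."""
    yield f"user:{user}"
    for group in GROUPS.get(user, ()):
        yield f"group:{group}"


def _matches(rule, principals, resource, action, src_ip):
    return (rule.principal in principals
            and rule.resource == resource
            and action in rule.actions
            and any(src_ip in ipaddress.ip_network(n) for n in rule.networks))


def authorize(user, resource, action, src_ip):
    """Explicit deny beats allow; with no matching allow the answer is no."""
    ip = ipaddress.ip_address(src_ip)
    principals = set(_principals(user))
    matched = [r for r in ACL if _matches(r, principals, resource, action, ip)]
    allows = [r for r in matched if r.effect == "allow"]
    if any(r.effect == "deny" for r in matched):
        decision = Decision(False, "explicit deny")
    elif allows:
        decision = Decision(True, f"allowed by {allows[0].principal}")
    else:
        decision = Decision(False, "no matching rule (default deny)")
    AUDIT_LOG.append((user, resource, action, src_ip, decision.allowed, decision.reason))
    return decision


if __name__ == "__main__":
    for req in [("alice", "customer_db", "read", "10.1.5.5"),
                ("alice", "customer_db", "read", "192.168.1.1"),
                ("carol", "customer_db", "export", "10.2.1.1"),
                ("mallory", "customer_db", "read", "10.1.1.1")]:
        print(req, "->", authorize(*req))
```

Note the ordering: the deny for carol wins even though her finance group is allowed to export, and alice is refused from 192.168.1.1 although her group has read rights, because the source network is part of the rule.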

8. Use Backup
When we think of IT security risks, the first thing that comes to mind is computer hijacking, but the greater risk facing companies is loss of information. Backup may sound unglamorous, but it is the simplest way to deal with information loss. Here are some things to pay attention to when using backups:

● Online storage. Online storage takes several forms: removable hard disks, or disk storage in a fireproof room. The same data can also be kept on a hard disk that is separated from the outside world by a DMZ.

● Offline storage. Confidential information should also be stored offline as a supplement to online storage. Plan for the worst: would your hard drives or disks survive a fire? What happens in a hurricane or an earthquake? You can use removable media, or a VPN (virtual private network) to a remote site, to move data to offline storage.

● Ensure that access to backup data is secure. Access to backup data tends to grow over time. Access to offline data centers, or access over a VPN, must be protected: use keys, RFID smart cards, VPN passwords, combination locks and the like.

● Scheduled backups. Backups should be as automated as possible, following a backup plan within the company that does not depend on individual people. When deciding how often to back up, make sure the backups are actually usable.
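The last bullet's point, that a backup is only useful if it can be restored, is the part most often skipped. The following added example (not code from the article) backs a directory up into a compressed archive, records a SHA-256 manifest alongside it, and then verifies the backup by restoring it to a scratch location and comparing every file against the manifest. The sample files are constructed inside a temporary directory so the script runs offline.

```python
"""Backup with restore verification (step 8).  Added example; the source
files are constructed in a temporary directory, not taken from the article."""
import hashlib
import json
import tarfile
import tempfile
from pathlib import Path


def file_hashes(root):
    """Map each file under root (relative POSIX path) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(src_dir, dest_dir):
    """Archive src_dir into dest_dir/backup.tar.gz and write a hash manifest."""
    src, dest = Path(src_dir), Path(dest_dir)
    manifest = file_hashes(src)
    archive = dest / "backup.tar.gz"
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(src / rel, arcname=rel)
    (dest / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return archive, manifest


def verify_backup(archive, manifest):
    """Restore the archive to a scratch directory and check every file's hash.
    Returns True only if the restored tree matches the manifest exactly
    (no missing, extra or altered files)."""
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(archive, "r:gz") as tar:
            try:
                tar.extractall(scratch, filter="data")   # safe extraction, Python 3.12+
            except TypeError:                            # older Python: no filter argument
                tar.extractall(scratch)
        return file_hashes(scratch) == manifest


def demo():
    """Build constructed sample data, back it up, verify, then show that a
    tampered manifest (simulating a corrupted backup) fails verification."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work) / "data"
        (src / "customers").mkdir(parents=True)
        (src / "customers" / "list.csv").write_text("id,name\n1,Example Customer\n")
        (src / "notes.txt").write_text("constructed sample file\n")
        dest = Path(work) / "backups"
        dest.mkdir()

        archive, manifest = create_backup(src, dest)
        good = verify_backup(archive, manifest)

        tampered = dict(manifest)
        tampered["notes.txt"] = "0" * 64      # hash no longer matches the archive
        bad = verify_backup(archive, tampered)
        return good, bad


if __name__ == "__main__":
    print("verified:", demo())   # expected (True, False)
```

In a scheduled job the verification step would run after every backup and its result would be what triggers an alert, so that a silently failing backup is noticed before it is needed.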

9. Email protection and filtering
Roughly 55 billion spam messages are generated worldwide every day. To limit the risks spam poses, spam filters and trained employees are a must as part of corporate security. The simplest way to deal with the risk of spam is to set up an email security and filtering system.

Email security risks are the basis for you to choose an appropriate email protection mechanism. Here are some suggestions:

● Encrypt email. When sending sensitive information to employees or customers outside the workplace, the email must be encrypted. For international clients, make sure the encryption protocol is permitted in the receiving country.

● Use steganography. Steganography hides information inside an innocuous carrier, such as a picture. Even so, it must be combined with other encryption methods to be fully effective.

● Do not open attachments of unknown origin. Unless you know who the sender is, do not open attachments casually, and train your employees to do the same.

● Do not open unsolicited email. No spam filter is perfect, but if your employees understand the common spam tricks, corporate security can rest easier.
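To make the last two bullets concrete, the following added example (not code from the article) uses Python's standard email library to build a constructed message carrying three attachments, then checks the sender's domain against a trusted list and each attachment's name against a deny list of executable extensions and the double-extension trick. Sender, recipient and attachment contents are constructed; the `.invalid` domains are reserved placeholders, not real addresses.

```python
"""Mail filtering checks for step 9: untrusted sender and risky attachments.
Added example; the message below is constructed, not from the article."""
from email.message import EmailMessage
from email.utils import parseaddr

# Extensions that should never be delivered as attachments to end users.
BLOCKED_EXTENSIONS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs",
                      "wsf", "hta", "ps1", "jar", "msi", "lnk"}


def sender_domain(msg):
    """Lower-cased domain part of the From: header, or '' if unparsable."""
    address = parseaddr(msg.get("From", ""))[1]
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def assess_message(msg, trusted_domains):
    """Return a list of (subject, reason) findings; an empty list means clean."""
    findings = []
    domain = sender_domain(msg)
    if domain not in trusted_domains:
        findings.append(("sender", f"untrusted domain {domain or '<none>'}"))

    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        pieces = name.lower().split(".")
        ext = pieces[-1] if len(pieces) > 1 else ""
        if ext in BLOCKED_EXTENSIONS:
            findings.append((name, f"blocked extension .{ext}"))
        elif len(pieces) > 2:
            # e.g. "photo.jpg.zip": a document-looking name hiding the real type
            findings.append((name, "double extension"))
        elif not name:
            findings.append(("<unnamed>", "attachment without a filename"))
    return findings


def should_quarantine(msg, trusted_domains):
    return bool(assess_message(msg, trusted_domains))


def build_sample():
    """Constructed message with one dangerous and two ordinary attachments."""
    msg = EmailMessage()
    msg["From"] = "accounts@example-supplier.invalid"
    msg["To"] = "finance@example-company.invalid"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(b"MZ\x90\x00", maintype="application", subtype="octet-stream",
                       filename="invoice.pdf.exe")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf",
                       filename="report.pdf")
    msg.add_attachment(b"\xff\xd8\xff", maintype="image", subtype="jpeg",
                       filename="photo.jpg")
    return msg


if __name__ == "__main__":
    for finding in assess_message(build_sample(), {"example-company.invalid"}):
        print(finding)
```

Name-based checks are cheap and catch the obvious cases; pairing them with the content inspection from step 6 covers attachments whose extension is harmless but whose bytes are not.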

10. Prevent physical intrusion
Although new threats such as hijacking and spam keep appearing, some traditional security risks still prevail, the most common being physical intrusion. If you want to stop someone breaking into the office and stealing a laptop or desktop, anti-theft measures are necessary.

Here are some good suggestions:

● Office break-ins: install a detection system. A closed-circuit television system, for example, can be used.

● Stolen laptops. Microsoft's Encrypting File System (EFS) can encrypt the sensitive data on a laptop to keep it safe.

● Stolen smartphones. Synchronica's new technology protects handheld computers and smartphones if they are stolen. Once protected, a device cannot be used without a password. If that is not enough, it can also wipe the data directly without sounding a loud alarm, and once the phone is recovered the data can be restored from the remote server.

● Kids + pets = destruction: prevent unauthorized access. For some small businesses, working from home is a great temptation, but if children or visitors at home tamper with the computer it is a real danger, and hackers may take advantage of it. A suitable acceptable-use policy helps small business owners deal with this issue.

● Discipline and prevention. Many commercial websites carry Google AdSense or Chitika advertisements to earn extra income, but improper clicks by employees or family members can put the account at risk. Remind employees to be careful about this, so that the fortress is not breached from the inside.
