再次问好。这是苏珊·布拉德利CSO在线。今天,我们要讨论一些技术,不是新的。他们已经很长一段时间,可能没有性感或任何你去,哎呀,令人叫绝。他们正在尝试和真正的东西,尤其是对于基于域的网络。但显然我们还没有做他们太清楚,因为我们仍然有在新闻中的漏洞和恶意,不是吗?正如你们许多人知道,美国联邦贸易委员会与Equifax公司解决了他们的安全漏洞,有是传出后,谈了一些他们没有做到基本的一个有趣的博客文章。这实际上是相当惊人的。同样,他们不性感技术:入侵者补丁或软件将网络分段显示器,但是当你没有得到的基本知识。这就是我们遇到的重大问题。 And I'd add one more, making sure you have a good backup, especially when it comes to ransomware. So here we go again with a another session of how to not be low hanging fruit. So here's some lessons learned from Equifax. Make sure that employees follow up on patching processes. Make sure that you check to see if a patch is needed. Make sure your automated scanners are actually doing what they're supposed to do. Make sure you segment your network to limit how much sensitive data an attacker can steal. Make sure you store admin credentials and passwords in proper locations. Don't do them in plain text files. Make sure you update security certificates and make sure you detect intrusions on even legacy systems. As we start 2020, take a step back and look at your network. See if there are places where you're putting data that shouldn't be there. Look at the kinds of data you have on your network. There's typically four levels, public data that anyone can have access to internal data, data that should not have public disclosure, sensitive internal turned data and the highest of all highly sensitive corporate employing customer data. And depending on where those are located, you may need to redo how your network is segmented. The Center for Internet Security goes on and indicates that one should segment that network based on labels or classification levels of the information stored in the servers, locate all sensitive information on separated V lands with firewall filtering to ensure only those authorized individuals are only able to communicate with systems necessary to fulfill their specific responsibilities. How many of you are ready to do that? On old fashioned workstations and servers that are in your corporate network, look to see how well you're using the plain old Windows firewall. Again, this is not new. You don't have to go out and buy anything new. It's the plain old Windows firewall that you already have in your systems. But are you using it as best as you can? On a sample Windows workstation, go ahead and open up the Windows firewall and you can look at all of the different applications that have built rules in your firewall. Kind of gets a little scary sometimes, especially if you have to stop and go. What application actually built that rule? Something as simple as blocking RCP Port TCP Port 135 and SMB Port TCP port 445 can help a great deal to stop the lateral movement of attackers inside your network. Now, you may not be able to block, especially the SMB ports. You may have to test and see if you can do this, but see if you can especially for sensitive transmission of data. RDP is being used quite a bit in attacks inside of networks. And what you might want to do is see if you can do limits on remote desktop. So go into the properties. And enable what's called IPsec. Allow the connection if it's secure and you can customize this and make the setting and then go into remote users or remote computers and see if you can set that for specific users. So instead of opening it up to everybody, put specific users inside the domain that have access to that system. Again, you may not be able to do that everywhere. But again, segment your network. Think about how attackers come in and how they can use the different ports to come in. Limit access as best as you can and use the windows firewall that you already have in your system to build more rules. Obviously document this as well. But please, if you're in the year 2020 and you're still disabling the Windows firewall, I hope you're not doing that. I hope you're taking the time to look to see what applications have built ports and firewalls and see if you can lock them down better. And as we start 2020, don't forget to sign in to Tech talk from IDG with lots of tips on Windows and Linux and all sorts of news for the tech of the day. Again, this is Susan Bradley for CSOnline. Thank you again.
受欢迎的
IDG.tv的特色视频