02 Sep Essential Health Check for IT Infrastructure
There is a lot of discussion around cybersecurity, Big Data and other recent technology, and the formidable developments in IT and the Internet have revolutionized the way we live and work. The loss or theft of certain information or the unavailability of a company’s information system can have serious consequences for a company and its customers. Protection of a company’s data and IT network is crucial for its survival and competitiveness. Human error or the malicious acts of an employee may result in an incident, and external hostile acts are becoming increasingly frequent: attacks on a company’s website, malicious code (malware) concealed in email attachments or in captured USB sticks, and password theft all make infrastructure vulnerable.
Management has a duty to ensure that suitable protective measures are set in place and operational. These must be governed by a written security policy that all individuals are aware of and familiar with, and whose application must be regularly verified by supervisory management or by the audit team. Here are a number of technical health checks to address this issue, with appropriate solutions.
- Have an accurate map of IT installations and keep it updated. (CCMDB or TAMIT solutions can be evaluated)
- Keep an exhaustive inventory of privileged accounts and ensure this is updated. (A Privileged Identity Manager solution can be evaluated)
- Create and apply procedures for the arrival and departure of users. (A Security Identity Manager solution can be evaluated)
- Limit the number of Internet access points for the company to those that are strictly necessary
- Prohibit the connection of personal devices to the organisation’s information system. (An MDM solution can be evaluated)
- Know how all software components are updated and keep up to date on the vulnerabilities of these components and their required updates. (IBM BigFix can be evaluated)
- Define and strictly apply an update policy, and identify each individual accessing the system by name.
- Set in place technical methods to enable authentication rules to be followed. (Two-factor authentication, ESSO solution)
- Do not store passwords in plain sight in files on information systems; enable a single sign-on solution if users have complex passwords and many solutions to access.
- Systematically renew default authentication settings (passwords, certificates) on devices (network switches, routers, servers, printers).
- Encrypt sensitive data, especially on mobile machines and media that may get lost
- Frequently audit (or have audited) the configuration of the central directory (Active Directory in Windows environments, or an LDAP directory). (A SIM solution can be evaluated)
- Develop a plan for IT recovery and continuity of activity, even if only in outline, that is regularly updated, setting out how to safeguard the company’s essential data
- Periodically carry out a security audit (at least annually). Each audit must be accompanied by an action plan, the implementation of which should be monitored at the highest level.
- Clearly define the objectives of system and network monitoring.
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”
― Benjamin Franklin