Defending against cyberattacks and researching resources to fortify your organization’s infrastructure are at the top of the list for IT personnel. Approach this strategy with security layers, following the guidelines for security best practices for obtaining a secure posture. There are certain fundamentals that all organizations should implement:
- Patch and update all hardware and software.
- Educate end users on the appropriate use and risks associated with online activity.
- Implement a strong password process and include multi-factor authentication.
- Purge or update all end of life products.
- Invoke the practice of least privilege and restrict access only to personnel who need it.
There are tools and resources to help you accomplish these goals.
- NIST framework outlines an extremely comprehensive guide.
- Following the CIS Controls by stepping through implementation groups makes it easy to take a ‘bite at a time’ for putting these controls in place.
Lots of tools available on the Internet can assist with testing, discovery, forensics and more. Here are a few that you may find useful:
- Analysis of email headers
- Reputation checking of website
- Malware analysis
- Blacklist checker
- Email compromise
- Open resolver
- Password recovery tools
- Port checker
- Network mapping software
Reach out to security@more.net, and our Cybersecurity Operations Team can help you with securing your environment with assessments and advice. This is one of the many values of your MOREnet membership