Top 5 Threat Protection Best Practices
1. Control outbound content as well as inbound.
Data loss can be accidental or malicious. Human error, carelessness, or a lack of data security can lead to data loss, such as sending an e-mail attachment containing personally identifiable information (PII) to an unauthorized recipient. Most companies’ firewalls are set up to block incoming traffic, but data still leaves the network over commonly allowed protocols such as IRC, SMTP, and HTTP.
2. To protect against malware, block access to Web ports and scan traffic.
With one new Web page infected every 4.5 seconds, the Web is now the number one vector of attack for cybercriminals. Taking advantage of Web infrastructure vulnerabilities, attackers covertly inject malicious code into legitimate Web sites. This Web-based malware then uses social engineering tactics or browser vulnerabilities to infect visitors with the intention of stealing confidential data, installing more malicious code, or silently recruiting the host system into a botnet.
3. Educate users about the dangers and safe use of social networking Web sites.
Social networking sites like Facebook and Twitter have become popular playgrounds for attackers who recognize users’ tendency to place a higher level of trust in the sites themselves and to share too much personal information. As a result, malware and data theft are presenting serious problems to their users. In fact, there was a 70% rise in the proportion of firms that reported encountering spam and malware attacks via social networks during 2009. Spam is also common on social networking sites, and social engineering is on the rise.
4. Encrypt sensitive data in use, at rest, and in motion.
Encryption is an integral technology for protecting your organization’s sensitive data. If a threat bypasses your antivirus, firewall, or other controls, PII (Personally Identifiable Information) is vulnerable. But if data is encrypted before it is placed on removable media or sent by e-mail, it is unreadable if it falls into the wrong hands.
5. Restrict use of removable storage devices.
An organization’s vulnerabilities are exacerbated by the unchecked ability to launch unauthorized software from removable storage devices like USB keys, CDs, and DVDs. Unauthorized applications can introduce vulnerabilities to the network, and malware, like the Conficker worm, is becoming a major issue as these devices can serve as vehicles for distribution. Data can also be easily taken outside of an organization on these devices, and many recent high-profile incidents confirm how easily they can be lost.
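As an illustration of practice 1, the sketch below shows an outbound e-mail check that blocks a message when PII in the body or a text attachment is addressed to a recipient outside an approved domain list. It is an added example, not taken from the original article; the approved-domain list, the two PII patterns, and the sample message are assumptions constructed for the demonstration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import getaddresses

APPROVED_DOMAINS = {"example.com"}  # assumption: domains cleared to receive PII
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum: discards digit runs that cannot be card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pii(text):
    hits = ["ssn"] * len(SSN_RE.findall(text))
    for m in CARD_RE.findall(text):
        digits = re.sub(r"\D", "", m)
        if luhn_ok(digits):
            hits.append("card")
    return hits

def check_outbound(raw):
    """Return (action, external_recipients, findings) for one raw message."""
    msg = message_from_string(raw)
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    external = sorted(a for _, a in rcpts
                      if a.rsplit("@", 1)[-1].lower() not in APPROVED_DOMAINS)
    findings = []
    for part in msg.walk():  # body and every attachment
        if part.get_content_maintype() != "text":
            continue  # binary attachments need format-specific extraction
        text = part.get_payload(decode=True).decode(
            part.get_content_charset() or "utf-8", "replace")
        findings += [(part.get_filename() or "body", k) for k in find_pii(text)]
    return ("block" if external and findings else "allow"), external, findings

def sample_message(to):
    # Constructed sample: CSV attachment holding well-known test values.
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "hr@example.com", to, "Roster"
    msg.set_content("Roster attached.")
    msg.add_attachment("name,ssn,card\nJane Doe,078-05-1120,4111 1111 1111 1111\n",
                       subtype="csv", filename="roster.csv")
    return msg.as_string()
```

Calling `check_outbound(sample_message("partner@other.example"))` returns a `block` decision with the attachment name and the kinds of PII found, while the same message sent to an approved domain is allowed.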