IT security has grown over the last few years to become a real business issue engaging all business functions. Security isn't just a problem for the IT department anymore, trying to arrange downtime for a server to implement some patches. New threats have arisen, such as ransomware (the recent WannaCry episode, for example); botnets running on IoT devices (e.g. the Mirai botnet) attacking critical infrastructure components of the internet (experts(1) say the DDoS attack that caused widespread disruption was the largest of its kind in history); or attacks targeting a specific company's main business model (e.g. a hacker holding Netflix to ransom over new episodes of Orange Is The New Black(1)).
The steps that should be taken to minimise the effects of these attacks on your infrastructure and data are various and depend on the different types of business risks and the IT services running. However, thorough planning and consultation are key at all stages.
Before all of those necessary steps of defining processes and implementing hardware (e.g. two-factor authentication) or software (e.g. intrusion detection systems), there are many basic actions to be taken that are often forgotten or not fully considered. Most of the basics rely on tools already installed or software available in the OS distribution, along with some simple configuration changes. Some of these basic steps enhance the security of a system without interfering with the service running on top. These are low-hanging fruit. This article will highlight just two techniques that operating teams should consider essential.
This article was first published in OHM Issue 37 (2017/2), p29-31.