When it comes to protecting your IT environment from security threats both external and internal, there is no one single method. A combination of firewalls, network monitoring, anti-virus and anti-malware software, and employee training all work together to secure a company’s sensitive IT assets. It can seem like a daunting task securing your IT components, and it is true that there are many different steps to take. However, there are some basic guidelines you can follow to establish best practices for protecting your network and your sensitive business information.
The United States Computer Emergency Readiness Team (US-CERT) is a division of the Department of Homeland Security. The US-CERT has a great outline of IT best practices for protecting IT environments and mitigating cybersecurity risk factors. Here we have highlighted three of these best practices that you can implement across your organization.
Two-factor authentication has been around since the mid-1980s. The technology behind two-factor authentication grants access to applications, files, and other assets by identifying a user through two different components. The most common form of two-factor authentication is the combination of using a username (or email) and a password. There are other forms of two-factor authentication that include using a username and a PIN number, or using physical objects like a USB drive or key card and biometric factors such as fingerprints or retina scans.
While it may sound like common sense to password protect your sensitive files, many businesses fall short in this area. They use commonly overused terms such as “admin” or “guest” and use easy to crack passwords such as 12345 or password123. Implementing two-factor authentication is one step in safeguarding systems, but making sure that the system is protected by strong authentication credentials is the second step.
Blocking Malicious Code
Systems administrators can configure their networks to prevent non-approved applications from being installed on the network. Often malicious code disguises itself in third-party applications, so having protocols that block non-approved applications from installing can keep malicious code out of your IT environment. Additionally, web browsers can be configured to block malicious scripts and questionable content from installing. These methods work to keep malicious code and malware out of your network, safeguarding your sensitive information.
Don’t Privilege Everyone
When it comes to giving administrative access to employees, oftentimes businesses are incredibly lax with their user rights privileging. In some companies, multiple employees share username and password information for applications or employees are granted administrative access by default. Only a specific number of employees of a certain level of position (i.e. mid-level executives and/or higher) should have complete administration access. There should also be a running list of everyone who does have admin privileges that gets updated each time an employee leaves, moves departments, or someone new comes onboard. The rest of your employees should only have access to the systems they need to complete their work, to keep your data and your network safe from human error and potential security risks.