One Article Review

Source: AlienVault Blog
Identifier: 1005486
Publication date: 2019-01-23 14:00:00 (seen: 2019-01-23 15:02:15)
Title: 10 Steps to Creating a Secure IT Environment
Text:

Every day, as a part of my work at AlienVault, I talk to prospective clients. Many of them are trying to put together a security plan for their business. Most of the people I talk to are IT professionals who, like everyone else, are learning as they go. During my time in IT and the security industry, I have seen almost every type of network you could imagine. Most of them made sense and could be explained and I could understand why they were built the way they were. Some, not so much. During the last 10 years especially, I have started compiling network drawings and information on the many ways that networks are designed and deployed.

The following list of bullet points are my recommendations to an IT manager or business leader if they consulted me on how to put together information technology for their business. Please remember this is a fairly generic list and there are tons of deviations to take into consideration when building a network and then protecting it.

1. Policies and Procedures

Policies and procedures are the cornerstones of your IT governance. This is the “what is going to happen and how it is going to happen” of your security posture, and from the big picture your entire IT infrastructure. Creating a solid policy and procedure document or documents will provide your organization with an IT and security blueprint for your initial build, maintenance, management and remediation of issues. Solid policy and procedure manual(s) will also prepare the environment to work within any framework and meet compliance requirements.

2. Gateway Security

Gateway security is essential to keeping the bad guys out. There are a number of popular firewalls on the market that will provide excellent security at the gateway. The needs of the environment will dictate which firewall will work best. For example, a high throughput environment with a large internal IP count might require a Next Generation Firewall (NGF) that runs only a few services on board and reserves the majority of resources for ingress-egress traffic. On the other hand, an environment that requires a very high level of security but has limited WAN bandwidth may be better suited for a UTM (Unified Threat Management) firewall which runs a number of services onboard. Traditionally it also utilizes significant resources for services like deep packet inspection (DPI), data loss prevention (DLP), gateway antivirus, website filtering, email filtering and other high-end security services.

3. End Point Security

As the old saying goes… AntiVirus is DEAD!!! Not really. Actually, antivirus is evolving and morphing like your favorite advanced persistent threat (APT) malware. A few years back the InfoSec industry started to break new ground on digging deeper into threats and breaches using threat intelligence in real-time to actively pursue malware based on heuristic data. Heuristic data became important as technology progressed to utilize behavioral analysis based on up-to-date threat intelligence. These progressions in the industry gave rise to Endpoint Detection and Response (EDR), which is quickly morphing into a formidable companion to traditional antivirus and antimalware protection. The very minimum that should be deployed into an environment includes a good reputable antivirus with antimalware capabilities, however, to get a definite head start on any co
Sent: Yes
Tags Malware Tool Threat Guideline


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.