OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[ISN] Seven surefire strategies to block network attacks

From: InfoSec News (alertsinfosecnews.org)
Date: Fri Nov 30 2007 - 03:13:47 CST

http://www.itbusiness.ca/it/client/en/home/News.asp?id=46153

By Nestor E. Arellano
11/29/2007

While network attacks are expected to rise in 2008, security experts say
small Canadian businesses can protect themselves by implementing seven
practical steps.

"Protection is not always an expensive proposition," said Marc Fossi,
manager of the Canadian security response team at Symantec Corp.

When it comes to network attacks, he said, small and mid-sized
businesses (SMBs) are favourite hacker targets, as they have lots of
confidential client information, but often lack adequate means to
protect these assets. "Attackers are opportunistic; they'll get at
anything that provides an opening."

North American companies lost an estimated US$30 million in 2007 due to
network attacks, according to Infonetics Research of Campbell, Calif.
The costs - associated with lost sales and labour due to downtime -
eroded as much as 2.2 per cent of the revenue of large enterprises, and
as much as half the annual revenue of some SMBs.

To avoid falling prey to such attacks, Canadian experts have the
following tips:

1. Adopt a "defense-in-depth" approach

"No one system will adequately protect your organization from all the
attackers out there," says Robert Beggs, CEO of DigitalDefense Inc. a
Toronto-based provider of information security services.

He said defense-in-depth employs multiple defense systems, such as
firewalls, anti-virus software, anti-spyware software and security best
practices. "Each defense system might have its own set of
vulnerabilities, but if you have many systems in place you reduce the
chance of your defenses falling apart."

2. Always keep patch levels up-to-date

Operating systems and applications must always contain the latest
security patches, says Adam Cole, director of specialty technology for
McKesson Canada and national director for the Toronto chapter of the
Canadian Information Processing Society (CIPS).

"A lot of times attacks get through simply because companies fail to
download the latest patches," Cole said. Cole advices organization to
designate a person or team to manage patch updates.

3. Consider network compliance solutions for mobile users

Security issues in businesses rose last year because of employees using
mobile devices to access the company network, according to Computing
Technology Industry Association (CompTIA), a Chicago-based worldwide
group of IT professionals and companies.

Some organization reported security issues increasing by as much as 60
per cent, said Steven Ostrowski, director of corporate communication for
CompTIA. He said it is often more difficult to manage security for
laptops and mobile devices such as BlackBerry handhelds. Fossi
recommends that businesses set up strict policies about laptop and
mobile device use and beef this up with security tools.

4. Enforce effective password policies

This is a no-brainer but a large number of users forget to periodically
change passwords, often give them away or post them in the open, said
Fossi.

5. Configure mail server to filter e-mail

A lot of spyware and viruses can be avoided by setting mail servers to
block unauthorized or unwanted file attachments. Fossi said file
attachments commonly used to spread viruses include: VBS, BAT, EXE, PIF
and SCT files.

6. Train employees to be vigilant

Fostering a culture of security is often the best and cheapest defense,
said Fossi. The basics include: not opening attachments unless they are
expected or come from a trusted source, and avoiding downloading
software from the Internet unless it's authorized and scanned to be
virus free.

7. Ensure emergency procedures are in place

Employees should be trained to recognize threats and coached on how to
respond to them. It is also very important to have a back-up and restore
system and procedure, said Fossi. "This gives you the ability to recover
data and get your network up and running in case an attack does get
through."

__________________________________________________________________
Visit InfoSec News
http://www.infosecnews.org/