It’s finally Spring here in the Northeast, which means it’s time to get cleaning! Usually, we think of Spring cleaning as household chores, but there’s another place most IT professionals overlook that needs some attention. That’s right: your technology!
Sweep Out Unauthorized Applications
Start by taking an inventory of your applications. Apply application whitelisting in your organization and monitor continuously to ensure that only authorized software is allowed to run. This will give you a first-hand look at what’s going on in your environment. It is also a good idea to update your operating systems and firmware, and to run a quick backup.
Dust Off Old Admin Privileges
Watch for accounts that no one has logged into in months. These are called zombie accounts. Revoke the rights of those people who do not need them. When more people have access to company data, it creates a bigger security risk. Administrator privileges should be audited frequently to maintain transparency and security.
Another place people forget to audit is their Active Directory. AD accounts that have been disabled but are still hanging around can be a backdoor that leaves your network vulnerable.
Take Old Emails to the Trash
Email is the number one vehicle for phishing attacks, along with malware and ransomware attacks. Unethical hackers are using complex techniques to send very credible emails, getting even the most trained and sophisticated users to click on links and attachments. See if you can spot the difference in this Google quiz. Educate your employees: help them understand how to spot an advanced phishing attack and prevent future breaches. Here are a few signs to look out for, based on Google's best practice recommendations:
- Urgent action required
- Poor spelling and grammar
- Something doesn’t look right about the message
- Mismatched URL
- URL contains a misleading domain name
- The message asks for personal login information
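Two of the signs above, the mismatched URL and the misleading domain name, can also be checked mechanically on a message's HTML body. The Python below is an added example, not part of the original post; `WATCHED_BRANDS`, `check_links` and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: brands to watch for and their real domains (constructed list).
WATCHED_BRANDS = {"google": "google.com", "dropbox": "dropbox.com"}

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def host_of(url):
    try:  # urlsplit needs a scheme to locate the host; link text often has none
        host = urlsplit(url if "://" in url else "http://" + url).hostname or ""
    except ValueError:  # malformed host, e.g. an unclosed "["
        return ""
    return host.lower().rstrip(".")

def same_site(host, domain):
    return host == domain or host.endswith("." + domain)

def check_links(html):  # yields (sign, expected, actual_host) for each finding
    collector = LinkCollector()
    collector.feed(html)
    for href, text in collector.links:
        actual = host_of(href)
        # "Mismatched URL": the text displays one address, the href goes to another.
        shown = re.search(r"(?:https?://)?[\w-]+(?:\.[\w-]+)+\S*", text)
        shown_host = host_of(shown.group(0)) if shown else ""
        if shown_host and not (same_site(actual, shown_host) or same_site(shown_host, actual)):
            yield ("mismatched_url", shown_host, actual)
        # "Misleading domain name": brand in the host, but not the brand's own domain.
        for brand, domain in WATCHED_BRANDS.items():
            if brand in actual and not same_site(actual, domain):
                yield ("misleading_domain", domain, actual)

SAMPLE = ('<a href="http://accounts.google.com.example.net/login">https://accounts.google.com/login</a>'
          ' <a href="https://support.google.com/help">our help page</a>')  # constructed sample
```

Running `list(check_links(SAMPLE))` flags the first link for both signs and leaves the second, which really points at a google.com host, alone.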
Spit Shine Your Password Management
Using a different password for each online account seems challenging for most people. Remembering which password you used for which account can be nearly impossible. Make your life easier by using a password manager. Password managers generate secure, unique, random passwords by using a combination of letters, numbers, special characters, and passphrases. Think about storing them all in an encrypted vault. Since online, or cloud-based, password vaults aren’t always 100% secure, use an offline, or on-prem, password manager that has multi-layer encryption.
Wet Mop with Multi-factor Authentication
Using secure multi-factor authentication is currently the best and most secure way to add an extra layer of security to your online accounts for services like Google, Twitter, Dropbox, and many others. Usually, it involves a code sent by SMS text to your smartphone, which you enter along with your password. You can also generate an individual code with your smartphone by using apps like Google Authenticator. Another option is to use something you have, like a special YubiKey or email address, or something you are, by using biometric data from voice or geo-location.
Once you’ve completed this list, sit back and enjoy an improved and more secure environment (while you avoid your real spring cleaning)!