Sunday 22 March 2015

British Secret Service Gives Companies Security Tips


British intelligence service GCHQ has all manner of security tips on how they can protect their systems, networks and information, including things like risk management, secure configurations, network, user, user awareness and prevent malware. A total of ten steps discussed to a safer environment.

The report with recommendations dating from 2013 ( pdf ), but appeared this week in the British media. The Daily Telegraph wrote about the measures in the report, partly because of the advice to turn off unnecessary input / output devices and remove access to removable media. Thus, companies should consider whether their staff access to things like MP3 players and smartphones requires. Would unused functionality should be disabled, such as USB ports, floppy drives and CD and DVD players.

According GCHQ users remain the weakest link in the security chain. "And will always be the primary target of all kinds of attacks. A successful attack simply by a user to leave open an email with malicious content." Organizations therefore be advised to monitor all user activity, as well as network traffic and all IT systems.

USB Flash Drives

In the advisory, a special chapter included drawing attention to removable media such as USB drives. For example, it is recommended to limit the use of removable media. "What use is unavoidable, organizations must limit the types of media that can be used together with the users, systems and the type of data that can be stored or moved to removable media."

Organizations would be wise to regularly scan removable media for malware and the information stored on it, depending on its value and the risks to which it, encrypt. In addition, removable media should be managed and disposed of active, to ensure that previously stored information is no longer accessible.

No comments:

Post a Comment