Information Security Advice Archives

Don’t Become a Victim of Cyber Crime

Published on July 16th, 2020 11:34AM by Christopher McNaughton

The Impacts of a Cyber Attack In your personal life and as an employee, there are many aspects to consider when it comes to the use of devices (e.g. smartphones, tablets, computers and laptops). E.g. compromises of devices and the information they store can have significant productivity, financial impacts to your business as well […]

#application patching
#Information Security
#patching

Application Patching – Information Security Essentials

Published on April 1st, 2020 07:21PM by Christopher McNaughton

Application Patching Application patching refers to applying updates to software applications. It is absolutely critical for ensuring system security and must be done as soon as practicable. Time is key with patching: it is ideal to apply patches within 48 hours of release from the relevant software provider or vendor. When installing new applications, always […]

#Information Security
#macro
#macro settings

Configuring Macro Settings – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

Configuring Macro Settings Disabling or limiting Microsoft Office macros can aid in preventing malicious code from entering your organisation’s network. Compromised macros can often evade basic email content filtering and application whitelisting. While macros can greatly improve productivity, they can also make your systems vulnerable, especially if they are out-of-date or downloaded from the Internet. […]

#Application Whitelisting
#Information Security

Application Whitelisting – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

Application Whitelisting Application Whitelisting is a means to limit the number of programs running in your business environment that can potentially pose a danger to the security of your data. It restricts users from installing and accessing applications on their computer or electronic device other than those explicitly allowed by your company. In the SECMON1 […]

#Information Security
#mfa
#multi factor authentication

Multi Factor Authentication – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

Multi Factor Authentication Multi-Factor Authentication requires end users to provide multiple methods of identification to confirm their identity in order to gain access to corporate resources and applications, as well as perform online transactions. By requiring an additional factor beyond a simple password, multi-factor authentication technology makes it far more difficult to exploit the login […]

#application hardening
#Information Security
#user application hardening

User Application Hardening – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

User Application Hardening While useful for many business operations, applications like Flash, Java, Adobe Acrobat and certain features in Microsoft Office (e.g. OLE), can allow malware or intruders to enter your network. Disabling these applications and blocking online ads can remove any opportunity for adversaries to exploit these potentially disruptive tools. If your organisation uses […]

#admin priveleges
#Information Security
#local admin
#local administrator

Restricting Administrator Privileges – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Restricting Administrator Privileges Restricting administrative privileges makes it difficult for to spread malware and malicious code inside your network. In terms of access to your valuable business data, administrative accounts are the keys to the kingdom. If malicious code is activated using an administrative account, it can elevate its privileges, spread to other hosts, avoid […]

#Information Security
#operating system
#os patching
#patching

Operating System Patching – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Operating System Patching Operating System (OS) patching refers to applying updates to operating systems. It is absolutely critical for ensuring system security. Time is of the essence in patching. It is ideal to apply patches within 48 hours of release. In the SECMON1 blog post ‘Security Overview – Information Security Essentials’ , we spoke about […]

#Information Security
#local admin
#local administrator

Disabling Local Administrator Accounts – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Disabling Local Administrator Accounts The Administrator account (NT AUTHORITYAdministrator) exists by default on all Microsoft Windows (Windows NT-based) systems and Active Directory domains. It is typically used as a setup and disaster recovery account. If you must use the local administrator account, only use it during setup and to join the machine to the domain. […]

#back ups
#backing up
#backup
#Information Security

Backing Up – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Backing Up The concept behind backups is simple: Make a copy of your files and configurations and place them on storage separate from your main hard drive. That storage can be another drive, an external drive, a NAS, a rewritable disc, or an online storage and syncing service. Should you lose the files, either through […]

Category: Information Security Advice

Categories

Don’t Become a Victim of Cyber Crime

Application Patching – Information Security Essentials

Configuring Macro Settings – Information Security Essentials

Application Whitelisting – Information Security Essentials

Multi Factor Authentication – Information Security Essentials

User Application Hardening – Information Security Essentials

Restricting Administrator Privileges – Information Security Essentials

Operating System Patching – Information Security Essentials

Disabling Local Administrator Accounts – Information Security Essentials

Backing Up – Information Security Essentials