• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

5 Security Tips for Spring Cleaning Season

May 16, 2019 By The Editor

Spring is well underway and summer is just around the corner. If you haven’t gotten around to giving your network a good spring cleaning yet, now is the perfect time to step back and sweep out the cobwebs to improve your security posture. In his latest guest article for Help Net Security, WatchGuard’s Sr. Security Researcher, Marc Laliberte, suggests a few key tips you can use to tidy up your network safeguards:

  • Review third-party access and policies – Network admins and IT workers should have a formal system in place for reviewing and removing access and credentials they have issued to contractors and third parties, but somehow a few of these always slip through the cracks.

At least once per year, make a point to review which contractors and third-party services have access to your network or VPN, remove ones that are no longer active, and ensure the ones that are active are completely locked down. For example, if you set up a temporary account giving a consultant privileged access but forgot to remove it when their contract ended, you’re leaving a weakness in your organization’s security. Whenever possible, use the principle of least privilege.

This also applies to firewall policies. Many administrators will add temporary policies for legitimate reasons, but then forget to remove them. For instance, if a contractor needs to transfer files regularly with a remote cohort at his headquarters, IT might spin up a temporary FTP server and sets a policy to let the contractors reach it remotely through their firewall. A month later, the administrator has forgotten about the FTP server and policy. Six months later, the forgotten server hasn’t been patched and is now vulnerable to several new exploits.

 The good news is many firewalls and UTMs have features that will show which policies are used often, and which have remained unused for weeks or months. These features can help administrators to quickly purge outdated policies.

  • Take inventory of network upgrades – As your network grows, your technical security controls need to grow with it. Once a year, look at how your network has changed and assess if your current security hardware and software is still adequate. As employees bring in more IoT devices like Fitbits or as connected lightbulbs and IoT sensors make their way into the office, they increase the workload on endpoint security solutions.

As network speeds increase, firewall appliances need enough power to process that increased volume of traffic while still performing all of its security scans. A five-year-old UTM won’t be able to process the amount of HTTPS traffic present on today’s networks without slowing down network performance or skipping important security services. Make sure your network isn’t outgrowing its security controls.

For more helpful tips and to read up on all five of Marc’s best practices for security spring cleaning, check out the full article on Help Net Security. And keep in mind, good security should be a top priority all year long! Subscribe to Secplicity today to stay up to date on the latest in infosec news, advice and expert commentary.

Share This:

Related

Filed Under: Editorial Articles, Featured Tagged With: cyber security, Malware, Software vulnerabilities, Updates and patches

Comments

  1. Damon Delvechio says

    June 2, 2019 at 8:01 am

    Well done!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • The RCE Vulnerability That Wasn’t
  • When Trying to Catch ‘Em All, Leave This RAT Alone

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • The RCE Vulnerability That Wasn’t
  • When Trying to Catch ‘Em All, Leave This RAT Alone
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use