Visibility is everything as a security professional. You have to know what you are protecting before you can protect it. Going on a hunch and implementing security piece by piece as the issues arise is a sure way to find yourself in a bad situation. You could be working on something that you feel is high priority, without knowing that there are other pressing issues to handle. The following steps should be taken as soon as possible to ensure that you can cover the most ground as a security team.
Whether this is gathered manually, with a script or a powerful scanning tool. It is vital to the organization to get an overall map of your network systems to create a visual of what you have, where it’s at and some of the controls around these points. Now the type of method you use really depends on the type of organization you are and how your servers are configured and the size of your business. As long as it will take to manually gather the information, trying to get a group of the correct people together to implement a scanning tool may take even longer, but the results will be easily replicated in the long run when it comes time to update the topology.
This can be difficult for larger companies to keep track of once they have already started the process of handing out computers. Keeping track of laptops, desktops, printers, tablets and company cellphones is a must. You want to make sure there is a name associated with each computer name or device. This way if a disgruntled employee walks off the job with their laptop, you can take effective measures to ensure that they will not do harm to the company. An effective asset management program will also help in detecting unauthorized machines that may be intruding on the network. If every machine has a computer name that is tied to your network, these intruding computers will stick out like a sore thumb.
Cameras, Cameras, Cameras
Having a well laid out camera retention program will place eyes in the sky to better help document the physical security of important assets like data centers, network closets and the CEO’s office. An effective way to spread out the wealth with your camera system is to place one at every entrance and exit point. This way if an incident does occur you can go to the camera footage around the time it happened to track down all the people coming in and out of the building. Also by placing a camera anywhere there is a physical handling of sensitive information including SSN’s or credit card numbers, you can ensure that not falsifying of information will be taking place. It is too easy for a pissed off employee to snap a photo of someone’s account without any detection.
Overall no control, big or small is ineffective when it comes to gaining awareness. You don’t realize how important things like a timestamp are when doing a fraud investigation on someone at your company. All the above information should be updated once or twice a month and readily available for use at a moment’s notice.
[contentblock id=72 img=gcb.png]