Posted on March 31st, 2015 by Joel Nimar
Understanding viruses help protect against them, but real protection requires knowing your environment, your usual behaviors, and your vulnerabilities.
Information security sounds like a technical problem, so it’s tempting to look for a technical solution. The reality, though, is that technical solutions are built to solve specific, known problems. They are constantly chasing after malware to block it when it’s been identified. But this is a reactive approach. You’ll protect your systems far more effectively if you identify risks and apply countermeasures in advance. You can’t rely on software alone to do that; you need human eyes, human awareness, and the human ability to make connections.
Technical Approaches to Protecting Systems
Technical solutions to protecting systems include antivirus software, data loss prevention software, firewalls, and intrusion dection systems.
Know Your Business to Protect Your Business
All the technical solutions mentioned above either need to be explicitly configured to look for specific threats or to identify suspected threats that may or may not be real threats. To configure them effectively, review the reported incidents effectively, and prevent issues in the first place, businesses need to analyze themselves to identify where they are vulnerable.
It’s amazing how easy it is to lose track of servers and systems. Companies should conduct an inventory to identify physical hardware and the details of their configuration, as well as the OS and patch levels applied. Details of the specific software deployed on each box should also be tracked. For database servers, the details of the data on each device should be identified, including whether it is confidential, proprietary, or contains personally identifiable information. For each server, database, and application, companies should identify what roles and what individuals are authorized for access.
Once this information is identified, you can start identifying where and how to protect your systems. Analysis of this information—by skilled employees, not an application—can help develop the signatures for IDS, Yara malware detection, and other security systems so monitoring is meaningful, rather than simply generating noise.
This information can also help a company direct its information security resources most effectively. The inventory should identify which systems are most likely to be targets for hackers, and those should receive particular attention and care. Try stepping back to view your entire company, executives, and employees from the perspective of a hacker to identify where you may be at risk. Using white-hat hackers can help with this through actively probing your system for weakness.
Companies also need to have a robust incident response plan. No matter how carefully you attempt to protect your information, you can’t completely block the possibility that there will be a successful attack. It’s important to have a strategy for how your company will respond—how it will identify what data was compromised, repair the technical environment, satisfy legal requirements, communicate with affected customers, and handle the public relations impact. People skills, rather than technical skills, may be the most important part of incident management.
Work With an Expert
Information security requires more than technology; it requires expert analysis. Pyramid Technology Services has 25 years of experience providing innovative technology solutions for your IT. Our information and cyber security services protect organizations information and assets. We provide solutions to vulnerabilities existing in a system and test how deeply an attacker can penetrate along with the forensic analysis of such activities. In addition to this, we provide solutions to existing security threats as well as corporate training to help organizations prevent their systems against further attacks.
Our consultants and security professionals are seasoned in law enforcement, hold active security clearances, and are certified in computer forensics, penetration testing, and technologies including Firewalls, Intrusion Detection Systems, virus detection and eradication.
We are currently offering a 15% discount on a GAP assessment. Contact us today for a security assessment so we can help you identify gaps, probe for weaknesses, and create a strategy that secures your data. Contact us directly at 978-823-0700 or firstname.lastname@example.org for more information.
Value. Expertise. Trusted IT Partners.