Subscribe to Email Updates

Latest Blog Post

To Increase Security, Lock Down User Privileges

Travis Abrams
by Travis Abrams on May 23, 2017 8:00:00 AM

There is incredible value in taking a ‘back to basics’ approach to endpoint security. Focusing efforts on the fundamental aspects of security helps create a rock-solid, network foundation without the costs associated with procuring new hardware or software.

In the previous two articles, we discussed the importance of network visibility and data protection, that is, knowing exactly what’s on the network from servers to endpoints to data, and how to protect critical data with backup and recovery. The third tenet of a back to basics approach involves user roles.

Today, users are often on the front lines of the cybersecurity battle because they are some of the easiest targets. Instead of attacking a complex software vulnerability, using social engineering techniques, hackers can create extremely convincing email messages to users, which contain files designed to infect machines with malware or links to compromised websites used to extract information.

IT can help protect vulnerable users and secure data from social engineering and malware by placing a strong emphasis on assigning proper roles to each user – and removing administrator privileges – so that malware cannot be executed.

How account management helps

Typically, when a device becomes infected with malware it’s because the malicious code was able to be executed on a machine with usermanagement.pngadministrator privileges or exploited a vulnerability. It’s much simpler to target user machines and hope they have right level of privileges rather than try to exploit an advanced (and unpatched) vulnerability. In fact, when leveraged by cyber criminals, user privileges can act as a key vulnerability, granting intruders access to execute malicious software and gaining a foothold for a larger attack. Limiting user privileges on company hardware helps keep networks safe because it can help limit the scale of potential breaches, isolating them to a single device, or hopefully prevent them before they even start.

It goes without saying that in highly regulated environments such as the public sector, controlling user privileges should be a top priority. However, this basic IT function should not be overlooked by other organizations.

Make the most of your IT team’s time

In a recent McAfee Labs Threat Report, 67 percent of organizations indicated they had seen an increase in attacks and 93 percent reported they were unable to triage all relevant threats, a clear sign they are overwhelmed by the sheer number of security incidents. The recent Intel Security Cloud Report also suggests there is a shortage of security professionals, with 49 percent of organizations saying they had slow adoption of cloud services because of a lack of security skills.

A back to basics approach to security can help ease the burden of a rise in security incidents on IT teams by preventing many issues from happening. From network visibility to data protection and user management, the three tenets of this approach focus on the fundamentals of a secure enterprise network.

A fourth pillar: education

In many ways, education is just as important as network visibility, data protection and user management, but it is often a longer-term project. Teaching users about security best practices is an excellent preventative measure and worth the investment, because users can help identify sensitive data, and help prevent breaches.

Educating users in security best-practices is also an ongoing, long-term strategy and requires executive-level support to be truly effective, but is a worthwhile pursuit.

Get back to basics with DG Technology

In this three-part blog series, we’ve identified the three fundamentals that every security strategy should get right: network visibility, data protection and backup and user management. Now, get the right security strategy in place for your organization with a complimentary consultation with DG Technology’s team of security specialists.

 

 

 

 

 

 

 

 

Leave a comment

Travis Abrams
Written by Travis Abrams
Results-driven, information security professional with a proven record of success in researching, planning and implementing innovative technical solutions that meet business needs while managing risk. Specialties: Intrusion Prevention and Detection, Data Loss Prevention, Vulnerability Management, Malware (APT) defense and Security Program Development. CISSP CISM
Written by Author

Related posts

The Importance of Data Backup and Recovery in Any Security Strategy

It cannot be overstated: a “back to basics” approach to system security can reduce the number of administrative tasks and...

Travis Abrams
By Travis Abrams - May 18, 2017
Why You Need a Back to Basics Approach for Network Security

With the abundance of cybersecurity threats and vulnerabilities today, it can be tempting to see purchasing the latest security...

Travis Abrams
By Travis Abrams - May 15, 2017