Companies That Are Doing Security Right

With the Heartbleed bug, the banking malware fiasco, and even the recent news that 5 million Gmail accounts were compromised via the universal login feature, it would seem that computer security in general is in a bad place. To someone looking in from the outside, there are far too many possible vulnerabilities, and hackers these days are even more financially motivated.


The truth is that security is still where it needs to be. Attacks and exploits get more sophisticated, but the good guys still manage to get on top of things. Unfortunately, sometimes it does seem like the guys on our side are just playing catch-up. However, there are a few companies that seem to know what they are doing and manage to stay one step ahead of everyone in terms of security, by doing a couple of simple things on their end:

No Permanent Members in Admin Groups

Administrator access is effectively the keys to the kingdom. When hackers gain access to a member of the admin group, they no longer need to worry about any other security in the network. They can even set their own policies or do anything to disrupt the network (but they won’t: the truly dangerous intruders want their deeds to go unnoticed so that they can stay inside for a long time).

Most companies address this by taking really good care of the administrator accounts in their groups. They make sure that only the people who really know what it means to have elevated privileges get them. However, really smart companies go one step further and apply delegation, where individual sets of elevated permissions are given to smaller groups of objects. Or they do a variation where they use password vaulting software to ensure that super admin credentials are checked out on the fly. The main purpose is to further minimize the attack surface by turning it into a moving target.


You will be surprised to know that many intrusions were prevented by this because the hackers were frustrated or simply gave up, knowing that there are easier, more vulnerable targets out there.

Get Rid of Java or Keep It Patched Regularly

It may sound mean, but it’s the truth. Java is a security risk, and its spotty patching record makes it not worth the benefit it brings, unless you can be 100% sure that you’re patching it regularly. Many companies keep Java installed because they want to ensure application compatibility. However, companies that are doing security right prioritize security over application compatibility. Once you find a workaround for API incompatibility, it’s pretty much smooth sailing from there on, but leaving a hole in your security is an ongoing risk to your company, your employees, and your customers.

Keeping Passwords Unique Across The Network

The aforementioned Gmail leak shines a spotlight on this: the only people who were at risk were those who used the same password for different services. When it comes to company security, the same reliance on easy-to-memorize passwords can be a company’s undoing. Each password should be unique (and never the default), so that one being compromised doesn’t necessarily put the rest at risk (and so that employees who shouldn’t have access to other people’s accounts can’t guess their way around).

One of the reasons why non-unique passwords are prevalent is that they make things easier for users, but a company should never compromise security for the sake of making things a little bit more convenient for its employees. It is, after all, those employees who will suffer if the company is taken down by malicious hackers.

One way companies manage unique passwords is by using an automated password generator or management tool (although it is better for your IT to just code a random string generator instead of using third-party software; you never know if one of those has malware built in).
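As an added example (not part of the original post), here is one way an in-house generator of the kind described above could look. It draws from the operating system's CSPRNG through Python's `secrets` module rather than the predictable `random` module, and it never issues the same password to two accounts. The account names, default length, and character set are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Visually ambiguous characters are left out (an assumption, to reduce
# transcription errors when a password has to be typed by hand).
AMBIGUOUS = set("Il1O0")
CLASSES = [
    "".join(c for c in string.ascii_lowercase if c not in AMBIGUOUS),
    "".join(c for c in string.ascii_uppercase if c not in AMBIGUOUS),
    "".join(c for c in string.digits if c not in AMBIGUOUS),
    "!#$%&*+-=?@^_",
]
ALPHABET = "".join(CLASSES)


def generate_password(length=20):
    """Return a password from the OS CSPRNG with every class present."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        # secrets.choice is backed by os.urandom, unlike random.choice
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejection sampling keeps the choice uniform over valid passwords
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def entropy_bits(length=20):
    """Upper bound on entropy: length * log2(alphabet size)."""
    return length * math.log2(len(ALPHABET))


def assign_unique(accounts, length=20):
    """Give each account its own password; never issue the same one twice."""
    issued, used = {}, set()
    for account in accounts:
        password = generate_password(length)
        while password in used:  # astronomically unlikely, checked anyway
            password = generate_password(length)
        used.add(password)
        issued[account] = password
    return issued


if __name__ == "__main__":
    # Constructed account names, for illustration only
    for name, pw in assign_unique(["svc-backup", "svc-web", "admin-ws01"]).items():
        print(f"{name}: {pw}")
    print(f"~{entropy_bits():.0f} bits per password")
```

In practice the output would go straight into the credential store rather than to a terminal.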

Outstanding Monitoring

It’s common knowledge that no security measure will ever be 100% foolproof. So a company that values its security will accept that and never let itself be caught off guard. A robust network and its safeguards will prevent attacks from succeeding, but in the very rare cases that one succeeds, a network that is constantly monitored by an alert security team will be able to address the situation before the hacker manages to do significant damage.
