Cyber Defense eMagazine January Edition for 2022

More documents

Recommendations

Info

1. Develop requirements for an Access Control Program. A formal Access Control Program should be implemented that includes a documented user registration and de-registration process for requesting, approving, granting, modifying, reviewing, or revoking access. Access control rules should reflect the requirements of your organization for the authorization, access to, dissemination, and viewing of information. These rules should be supported by formal procedures with clearly defined responsibilities that are assigned to appropriate roles. Be sure your access control requirements address both logical and physical control measures which should both be based upon the principle of least-privilege. 2. Identify and document account types. Account types (e.g., standard user, privileged user, system, service, etc.) used by your organization should be identified and documented. Access control rules for each user, or group of users, should be clearly stated. The conditions for group or role membership should be established as well. Users should have a clear understanding of the security requirements to be met by the access controls implemented by your organization. 3. Ensure ongoing account management is in place. Unauthorized or inappropriate account access is likely to occur if ongoing maintenance is not in place for all accounts. Account management is not a “one-and-done” exercise but must be performed on a recurring basis to maintain effectiveness. Management approval should be required for all requests to create accounts. Accounts should be created, enabled, modified, monitored, disabled, and removed in accordance with an approved Access Control Policy. Supporting procedures should detail the steps required to meet the defined policy control requirements. Periodic internal account and access reviews or audits should be performed, at least annually, during which the privileges should be verified to validate that the need for currently assigned privileges still exists. 4. Actions need to be associated with a unique, individual user. All users should be assigned a unique identifier (user ID) for their personal use only. Appropriate user authentication techniques should also be implemented to substantiate the claimed identity of any authorized user requesting access each time they log in to your organization’s networks, systems, or applications. Baseline controls should include settings for password or passphrase composition and complexity requirements. 5. Set controls for accounts with privileged access. This is needed to reduce the likelihood of providing standard users with more access permissions than they require. Appropriate checks or validations for actions performed with privileged accounts should also be implemented to ensure authorized privileged account users are fulfilling their assigned roles in accordance with prescribed security control requirements. The principle of least privilege must be followed, authorizing only access that is necessary for each individual user to accomplish their assigned tasks in accordance with your organization’s mission or business functions. 6. Implement and maintain secure logon processes. This verifies the identity of users and associates the user with the actions they perform. Secure logon processes may also help reduce the likelihood of password compromise that may lead to security incidents or data breaches. A limit of five (or less) consecutive invalid logon attempts by a user during a fifteen-minute period should be implemented. Accounts should be locked after this threshold of failed logon attempts is reached. It is encouraged to send failed logon alerts, along with other appropriate domain controller alerts, to personnel responsible for monitoring the networks of your organization. 7. Provide for password management. This serves as one line of defense for protecting organizations, along with customer information they manage, from unauthorized access due to Cyber Defense eMagazine – January 2022 Edition 114 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
weak passwords. Password management systems should be interactive and should ensure only quality passwords are being used. Users should be required to follow best practices for the selection, use, and maintaining the confidentiality of passwords. It is recommended that your organization provides training on the selection, along with the safeguarding, of passwords. 8. Implement controls to secure information systems when unattended. These controls should provide a layer of defense for organizations to decrease the risk of an unauthorized user gaining access to an authorized user’s system or the output from system devices. Your Access Control Policy should contain clean desk control requirements to ensure that papers or media that are not actively being used are kept in desk drawers or filing cabinets. Personnel should activate a screen lock when they leave their work area to reduce the opportunity for unauthorized personnel viewing potentially sensitive information displayed on a monitor or other peripheral device. Output devices, such as printers or faxes, should also be safeguarded to help prevent unauthorized individuals from obtaining the output from these devices. 9. Provide for remote access management. Controls need to be implemented to protect remote access to networks, systems, and applications, thus minimizing the window of exposure organizations face regarding unauthorized access or potential intrusions associated with remote access activities. All remote access should be authorized prior to allowing remote connections to your organization’s network to occur. 10. Manage and protect wireless access. Controls need to be implemented to manage how networks, systems, and applications are accessed using wireless technologies. Wireless access for users should be authorized prior to allowing wireless connections to be made. Wireless access to systems and applications should be protected using authentication of users or approved devices. 11. Have defined controls to support the segregation of duties. Your organization should implement segregation of duties for conflicting functions, or areas of responsibility, to reduce the opportunities for the unauthorized or unintentional modification, fraud, or misuse of information and information systems. A system of dual controls (e.g., two individuals with separate responsibilities needing to work together to accomplish a single task) should be required and implemented whenever possible. 12. Ensure effective controls are in place for mobile computing and working from home. Usage restrictions, configuration requirements, connection requirements, and implementation guidance should be established for all organization-controlled mobile devices. Full-device encryption or container-based encryption should be used to protect the confidentiality and integrity of information on mobile devices. Personnel should be required to report any lost or stolen mobile devices. Your organization should have the ability to wipe mobile devices remotely to remove all information if they are lost or stolen. Your organization should ensure that a comprehensive Access Control Program is developed and implemented consistently across the organization. Organizations that do not could potentially overlook a pivotal security function or leave a control unaddressed. By developing a comprehensive Access Control Program, supported by all organizational stakeholders, organizations can avoid key access control pitfalls for effective overall security. Cyber Defense eMagazine – January 2022 Edition 115 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
“Owning Your Identity” Through
Page 3 and 4:
WatchGuard Technologies’ 2022 Pre
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - January 2
Page 9 and 10:
MUST ATTEND REPLAY AVAILABLE ON-DEM
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
But in spite of this threat, consum
Page 41 and 42:
How To Thwart Fraud with Phone Numb
Page 43 and 44:
mutable and dynamic by continually
Page 45 and 46:
Phishing: How To Improve Cybersecur
Page 47 and 48:
organizations gather data all in on
Page 49 and 50:
offers comprehensive firmware prote
Page 51 and 52:
Why Hackers Attack Mobile Devices a
Page 53 and 54:
the network. This is a good indicat
Page 55 and 56:
About the Author Nicole Allen, Mark
Page 57 and 58:
Know your customer As spam and phis
Page 59 and 60:
Microsoft Successfully Defended The
Page 61 and 62:
However, you can’t rely 100% on t
Page 63 and 64: Why Americans Joined Europe in Not
Page 65 and 66: Have a good backup policy. A good p
Page 67 and 68: Secure Apart from reporting, the af
Page 69 and 70: Taking a hard look at the current s
Page 71 and 72: There are plenty of organizations t
Page 73 and 74: 5. The impact of the talent shortag
Page 75 and 76: The industry is already embracing a
Page 77 and 78: WatchGuard Technologies’ 2022 Pre
Page 79 and 80: Users, especially professionals, ha
Page 81 and 82: What Are DeFi Flash Loans & How to
Page 83 and 84: DeFi hackers can easily exploit fla
Page 85 and 86: 3. Get audited Getting a smart cont
Page 87 and 88: Protecting Critical Infrastructure
Page 89 and 90: • They use penetration tools to g
Page 91 and 92: Three Key Facts About AI-Driven Net
Page 93 and 94: About the Author Eyal Elyashiv is t
Page 95 and 96: Tyler Farrar, CISO, Exabeam “What
Page 97 and 98: Protecting unstructured data will l
Page 99 and 100: change again before they’re done.
Page 101 and 102: Samantha Humphries, head of securit
Page 103 and 104: Due to their successes, adversaries
Page 105 and 106: Paul Farrington, chief product offi
Page 107 and 108: In 2022, it is going to become cruc
Page 109 and 110: Our Cyber Defenses Need to Be Battl
Page 111 and 112: the exploitation aspect, but if tes
Page 113: 12 Tips for Improving Access Contro
Page 117 and 118: Four Cybersecurity Predictions Fede
Page 119 and 120: 4. Cyber Funding Gets Granular In F
Page 121 and 122: Of course, these recommendations ar
Page 123 and 124: Cybersecurity Tips to Help Your Org
Page 125 and 126: Organizations can achieve true cybe
Page 127 and 128: quarter. Put simply, any organizati
Page 129 and 130: Cyber Defense eMagazine - January 2
Page 149 and 150: Free Monthly Cyber Defense eMagazin
Page 155 and 156: THE Q1/Q2 GAME CHANGER… CYBERDEFE
show all

Cyber Defense eMagazine January Edition for 2022

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?