[ISN] Seven surefire strategies to block network attacks

From: InfoSec News (alerts@private)
Date: Fri Nov 30 2007 - 01:13:47 PST


http://www.itbusiness.ca/it/client/en/home/News.asp?id=46153

By Nestor E. Arellano
11/29/2007 

While network attacks are expected to rise in 2008, security experts say 
small Canadian businesses can protect themselves by implementing seven 
practical steps.

"Protection is not always an expensive proposition," said Marc Fossi, 
manager of the Canadian security response team at Symantec Corp.

When it comes to network attacks, he said, small and mid-sized 
businesses (SMBs) are favourite hacker targets, as they have lots of 
confidential client information, but often lack adequate means to 
protect these assets. "Attackers are opportunistic; they'll get at 
anything that provides an opening."

North American companies lost an estimated US$30 million in 2007 due to 
network attacks, according to Infonetics Research of Campbell, Calif. 
The costs - associated with lost sales and labour due to downtime - 
eroded as much as 2.2 per cent of the revenue of large enterprises, and 
as much as half the annual revenue of some SMBs.

To avoid falling prey to such attacks, Canadian experts have the 
following tips:


1. Adopt a "defense-in-depth" approach

"No one system will adequately protect your organization from all the 
attackers out there," says Robert Beggs, CEO of DigitalDefense Inc. a 
Toronto-based provider of information security services.

He said defense-in-depth employs multiple defense systems, such as 
firewalls, anti-virus software, anti-spyware software and security best 
practices. "Each defense system might have its own set of 
vulnerabilities, but if you have many systems in place you reduce the 
chance of your defenses falling apart."


2. Always keep patch levels up-to-date

Operating systems and applications must always contain the latest 
security patches, says Adam Cole, director of specialty technology for 
McKesson Canada and national director for the Toronto chapter of the 
Canadian Information Processing Society (CIPS).

"A lot of times attacks get through simply because companies fail to 
download the latest patches," Cole said. Cole advices organization to 
designate a person or team to manage patch updates.


3. Consider network compliance solutions for mobile users

Security issues in businesses rose last year because of employees using 
mobile devices to access the company network, according to Computing 
Technology Industry Association (CompTIA), a Chicago-based worldwide 
group of IT professionals and companies.

Some organization reported security issues increasing by as much as 60 
per cent, said Steven Ostrowski, director of corporate communication for 
CompTIA. He said it is often more difficult to manage security for 
laptops and mobile devices such as BlackBerry handhelds. Fossi 
recommends that businesses set up strict policies about laptop and 
mobile device use and beef this up with security tools.


4. Enforce effective password policies

This is a no-brainer but a large number of users forget to periodically 
change passwords, often give them away or post them in the open, said 
Fossi.


5. Configure mail server to filter e-mail

A lot of spyware and viruses can be avoided by setting mail servers to 
block unauthorized or unwanted file attachments. Fossi said file 
attachments commonly used to spread viruses include: VBS, BAT, EXE, PIF 
and SCT files.


6. Train employees to be vigilant

Fostering a culture of security is often the best and cheapest defense, 
said Fossi. The basics include: not opening attachments unless they are 
expected or come from a trusted source, and avoiding downloading 
software from the Internet unless it's authorized and scanned to be 
virus free.


7. Ensure emergency procedures are in place

Employees should be trained to recognize threats and coached on how to 
respond to them. It is also very important to have a back-up and restore 
system and procedure, said Fossi. "This gives you the ability to recover 
data and get your network up and running in case an attack does get 
through."


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/



This archive was generated by hypermail 2.1.3 : Fri Nov 30 2007 - 01:25:48 PST