Penetration testing is the act of testing your security systems, both internally and externally; pen testers will stress your security by attempting to attack it in various ways.
The author, David Wray, is a certified TigerScheme SST with twenty years' experience in technical Internet security. Beginning his career with the Peapod Group as a Firewall Engineer, David went on to found Sec-Tec Ltd in 2000, which specialises in penetration testing and technical assessment services.
Many people feel that penetration testing isn’t enough to secure their networks, especially today. Hackers can get into networks in more ways than you can count. Here’s how the new controls set by the Council on CyberSecurity work and how they benefit you.
Basic Overview
Security is becoming a major concern for most companies. Companies that make extensive use of the web, that send and receive information via email or other online channels, and that rely on IT for normal day-to-day operations need a way to secure mission-critical data and operations.
Securing against cyber attacks is tough. Companies need to defend their networks from both internal and external threats.
They must also be prepared to detect and take down follow-on attacks which occur after a network has been breached.
Ideally, prevention rules the day. But, realistically, detection is necessary, and when it comes to cyber security the best defence is a good offence.
That’s why companies like www.sec-tec.co.uk exist — to perform security training, pen testing, and guide companies on best practices.
It’s also why organisations like the Council on CyberSecurity exist — to help set standards for companies.
What Is The Goal?
The goal is to, of course, reduce the risk of attacks. While it’s impossible to completely eliminate the threat, companies can take important measures to reduce the risk of one. Some of the most basic steps include:
- Taking an inventory of both authorised and unauthorised devices
- Securing configurations for hardware and software on both mobile and static devices
- Controlling use of administrative privileges
- Maintaining and monitoring audit logs
- Locking down email and browsers
- Protecting sensitive data
- Controlling access to systems
- Penetration testing
- Incident response
Taking an inventory of authorised and unauthorised devices is one of the first steps to locking down your security.
Authorised devices should be simple enough to manage. When employees come on board, they can be assigned devices internally. You must set rules for them concerning usage on and off-site. Most companies that are concerned about sensitive company data restrict users by not allowing devices to leave the premises, but there may be times when this is necessary or even desirable.
Having an inventory of all authorised devices ensures that you know exactly how many devices your company owns and where they are.
Unauthorised devices also need to be monitored. An unauthorised device is typically a personal device, like a personal tablet or mobile phone. These devices can log onto the company network and access data. This is usually undesirable because you cannot control other apps on the employee’s device.
Another issue with unauthorised devices is that they make it more difficult to control the flow of information. An employee may knowingly or unknowingly download information from your company’s network, and then take it off-site where it is distributed in an uncontrolled manner.
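The inventory control above comes down to one recurring check: compare what is actually on the network with what the company has authorised. The following script is an added example and is not code from the article or from Sec-Tec. It assumes an inventory keyed by MAC address and a constructed DHCP server log in an ISC dhcpd-style "DHCPACK on <ip> to <mac> (<hostname>)" format; it reports devices that took a lease but are not in the inventory (unauthorised), devices that are authorised and present, and inventory devices that were never seen (possibly off-site or lost).

```python
"""Reconcile devices seen on the network against an authorised-device inventory.

Added example, not from the original article. The inventory layout and the
DHCP log format below are assumptions; the log lines are constructed samples.
"""
import re
from dataclasses import dataclass

# Constructed authorised-device inventory: MAC address -> owner and asset tag.
AUTHORISED = {
    "aa:bb:cc:00:00:01": {"owner": "alice", "asset": "LAP-0001"},
    "aa:bb:cc:00:00:02": {"owner": "bob", "asset": "LAP-0002"},
    "aa:bb:cc:00:00:03": {"owner": "printer-2f", "asset": "PRN-0003"},
}

# Constructed DHCP log excerpt (assumed ISC dhcpd-style message format).
SAMPLE_LOG = """\
Mar 10 09:01:12 dhcp dhcpd: DHCPACK on 10.0.1.20 to aa:bb:cc:00:00:01 (alice-laptop) via eth0
Mar 10 09:03:45 dhcp dhcpd: DHCPACK on 10.0.1.21 to aa:bb:cc:00:00:02 (bob-laptop) via eth0
Mar 10 09:05:02 dhcp dhcpd: DHCPACK on 10.0.1.77 to de:ad:be:ef:12:34 (Galaxy-S9) via eth0
Mar 10 09:06:30 dhcp dhcpd: DHCPDISCOVER from aa:bb:cc:00:00:09 via eth0
Mar 10 09:07:11 dhcp dhcpd: DHCPACK on 10.0.1.21 to aa:bb:cc:00:00:02 (bob-laptop) via eth0
"""

# Only DHCPACK confirms a lease; DISCOVER/OFFER lines are deliberately ignored.
DHCPACK_RE = re.compile(
    r"DHCPACK on (?P<ip>\d+\.\d+\.\d+\.\d+) to (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})"
    r"(?: \((?P<host>[^)]*)\))?",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Observed:
    mac: str
    ip: str
    host: str


def parse_leases(log_text):
    """Return {mac: Observed} for every MAC that received a lease (latest IP wins)."""
    seen = {}
    for line in log_text.splitlines():
        m = DHCPACK_RE.search(line)
        if not m:
            continue
        mac = m.group("mac").lower()
        seen[mac] = Observed(mac=mac, ip=m.group("ip"), host=m.group("host") or "")
    return seen


def reconcile(observed, inventory):
    """Split observed devices into authorised/unauthorised and list inventory
    devices that never appeared on the network."""
    authorised = [o for mac, o in sorted(observed.items()) if mac in inventory]
    unauthorised = [o for mac, o in sorted(observed.items()) if mac not in inventory]
    missing = sorted(mac for mac in inventory if mac not in observed)
    return {"authorised": authorised, "unauthorised": unauthorised, "missing": missing}


def report(log_text=SAMPLE_LOG, inventory=AUTHORISED):
    """Print a human-readable reconciliation and return the underlying result."""
    result = reconcile(parse_leases(log_text), inventory)
    for o in result["unauthorised"]:
        print(f"UNAUTHORISED  {o.mac}  {o.ip:<12} {o.host}")
    for o in result["authorised"]:
        entry = inventory[o.mac]
        print(f"authorised    {o.mac}  {o.ip:<12} {entry['asset']} ({entry['owner']})")
    for mac in result["missing"]:
        print(f"not seen      {mac}  {inventory[mac]['asset']}")
    return result


if __name__ == "__main__":
    report()
```

Matching on MAC address is a convenience, not a security boundary: a MAC can be changed by the device owner, so a hit in the inventory says "a device claiming this identity took a lease", and the unauthorised list is the part worth acting on. Running the same reconciliation against switch port tables or 802.1X accounting gives a stronger signal than DHCP logs alone.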
Another important aspect of security is securing hardware and software configurations so that employees and vendors are limited as to what they can do on authorised devices. If you keep software restricted to what is essential for the employee to do his or her job, you reduce the risk of security breaches that happen because of processes that are outside of the core job duties.
For example, an employee might only need several applications to do his or her job. Restricting access to the Internet prevents the employee from mistakenly or purposefully downloading other applications or using authorised devices in an unauthorised manner.
Restricting access can also prevent outside access to critical systems. Closing ports on routers, or restricting access at the administrator level by using guest accounts for low-level employees, will prevent malicious users from gaining admin-level access from those computers.
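The administrative-privilege control in the paragraph above is easy to state and easy to let drift: accounts get added to sudo or given a zero UID for a one-off task and are never removed. The script below is an added example, not code from the article or from Sec-Tec. It audits constructed /etc/passwd and /etc/group excerpts against an assumed list of approved administrators and flags any root-equivalent (UID 0) account or admin-group member that is not on that list, which is the kind of check a periodic security audit would run.

```python
"""Audit local accounts for administrative privilege beyond an approved list.

Added example, not from the original article. The approved-admin list and the
admin group names are assumptions; the passwd/group contents are constructed.
"""

APPROVED_ADMINS = {"root", "alice"}          # assumed approved administrators
ADMIN_GROUPS = {"sudo", "wheel", "admin"}    # groups that confer admin rights on common Linux distros

# Constructed /etc/passwd excerpt: note the second UID-0 account "backup".
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
guest:x:1002:1002:Guest:/home/guest:/bin/bash
backup:x:0:0:legacy backup:/var/backups:/bin/sh
"""

# Constructed /etc/group excerpt: "bob" is in sudo but not in the approved list.
SAMPLE_GROUP = """\
root:x:0:
sudo:x:27:alice,bob
wheel:x:10:
users:x:100:alice,bob,guest
"""


def parse_passwd(text):
    """Return {username: uid} from passwd-format text, skipping blanks/comments."""
    users = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, _pw, uid, *_rest = line.split(":")
        users[name] = int(uid)
    return users


def parse_group(text):
    """Return {groupname: set(members)} from group-format text."""
    groups = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, _pw, _gid, members = line.split(":", 3)
        groups[name] = {m for m in members.split(",") if m}
    return groups


def audit_privileges(passwd_text, group_text, approved=APPROVED_ADMINS):
    """Return (user, reason) findings for privilege held by non-approved accounts."""
    users = parse_passwd(passwd_text)
    groups = parse_group(group_text)
    findings = []
    # Any UID-0 account is root, whatever it is called.
    for user, uid in users.items():
        if uid == 0 and user not in approved:
            findings.append((user, "uid 0 (root-equivalent account)"))
    # Membership of an admin group grants admin rights via sudo/su policy.
    for grp in sorted(set(groups) & ADMIN_GROUPS):
        for member in sorted(groups[grp]):
            if member not in approved:
                findings.append((member, f"member of admin group '{grp}'"))
    return findings


if __name__ == "__main__":
    for user, reason in audit_privileges(SAMPLE_PASSWD, SAMPLE_GROUP):
        print(f"{user}: {reason}")
```

On a real host the same functions can be fed the contents of /etc/passwd and /etc/group directly; the approved list should come from the company's access records rather than be hard-coded, so that the audit compares reality with what was actually authorised.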
Regular security audits are important too, as is monitoring audit logs.
Finally, penetration testing and incident response protocols will both reduce the risk of security breaches and minimise systemic damage when a breach occurs.
Pen Testing: What You Should Know
Penetration testing is the act of testing your security systems, both internally and externally. Penetration testers, or pen testers will stress your security by attempting to attack it in various ways.
Usually, pen testing is done in a controlled environment because of the inherent risks of this type of testing. But testers will absolutely find security holes and alert you to them through extensive reporting.
Internal testing can also consist of social engineering, where testers attempt to compromise your security by manipulating your employees using psychological tactics.
The post Avoiding digital danger: How penetration testing can secure your network appeared first on e27.