Securing workstations #CyberSecMonth
Protect your computer equipment by securing workstations
A user who is not well informed about good IT security practices can become the gateway to a malicious cyber attack. A workstation with a security vulnerability or few restrictions can therefore compromise the entire information system.
The measures to be taken:
Secure the entire IT infrastructure:
Implementing a minimum level of security throughout the entire IT infrastructure helps to counter or mitigate employee clumsiness. Thus, it is up to the IT department to limit the applications installed on computers. It is also advisable to activate the local firewall and install anti-virus software on each workstation. Encrypting the partitions where the data is located and disabling automatic executions are also good practices. Items that have to deviate from the rule (for example, for compatibility reasons) must be isolated from the system. Workstations and servers holding sensitive data must be backed up regularly on disconnected equipment.
A Cyber-attacker will seek to extend his intrusion to several workstations to access sensitive information. The activation of local firewalls via specialized software allows you to thwart or slow down his movements.
Protect yourself from removable media:
Removable media pose a threat to organizations as they can be easily misused. It is possible to spread viruses, steal sensitive information, and even compromise the network with a contaminated device. The Chief Information Systems Security Officer (CISSO) must make employees aware of the risks posed by these media.
Encrypt the company’s data flows:
It is essential to guarantee the security of data passing through the Internet. Thus, all data transmitted or hosted online must pass through secure communication channels (SSL/TLS or VPN tunnels), it is the CISSO’s responsibility to ensure that these means are encrypted and robust.
Apply security policies:
A cyber attack is often due to a flaw or vulnerability in the system, if the compliance of the entire system is not guaranteed, it remains vulnerable. The standardization of security policies is therefore a priority to secure an entire IT asset.
Implement these good practices:
Active Directory allows you to set up group policies (GPO) to define the security policies that will be deployed on all workstations in the domain, which allows you to disable automatic execution or limit incoming and outgoing flows from workstations, for example.
Defining a Software Restriction Strategy (SRP or AppLocker) allows you to define the authorized software and block execution from unknown devices. Without even realizing it, the user is restricted in his actions on the workstation and can only with difficulty accidentally compromise the integrity of the network.
Network segmentation, ideally by Private VLAN, is an optimal measure for network security.
As mentioned above, it is recommended to prohibit the connection of unknown USB keys. Legitimate keys (often those of the organization) whose content cannot be relied on should be forwarded to the IT department for testing on a single computer. If a key is broken, the combined use of antivirus, software restrictions and a firewall can limit the spread of the virus. Coupled with a centralized logging system (Wazuh or Splunk), the IT department can then obtain feedback and act accordingly. In all cases, the contents of a removable media must be subject to antivirus scanning.
Update your fleet in a few clicks with WAPT
WAPT is an Open Source software deployment solution that allows you to install, update or uninstall your software and configurations in less than two minutes. This way you can automatically deploy your software packages to keep your IT assets up to date and quickly fix security vulnerabilities. The centralized console allows you to act remotely on the entire fleet. WAPT also allows you to schedule the deployment of software so as not to interrupt the work of employees. With more than 1,000 packages available on the store, you can easily maintain your computer equipment!
We combine our software with our expertise on Samba Active Directory, the open source equivalent of Microsoft AD, to ensure the security of your fleet. Choosing Open Source means choosing to save on licensing costs and invest in the future of software!
Addressing risks and applying good practices
Since the General Data Protection Regulations, both citizens and organisations have become increasingly aware of the challenges involved in securing personal data and are responsible for digital security. CyberSecMonth is also an opportunity to communicate about the dangers associated with bank data. Thus, this week you will find two guides on the good reflexes in cybersecurity created by the French Banking Federation, a computer graphics on personal data designed by CLUSIF as well as a computer graphics on ANSSI‘s ransomware.
What you shouldn’t have missed:
Who to follow during #CyberSecMonth?
Find all our recommendations on Twitter and LinkedIn and on hashtag: #TousSecNum, #CyberSecMonth, #ECSM2018 and #ECSM. Also follow our hashtag #CyberConseil to follow Tranquil IT’s advice and discover the following graphics
Tranquil IT is now referenced to the UGAP through the multi-publisher contract carried by SCC. Behind all these somewhat bureaucratic terms is very good news for those who want to buy the innovative products and services offered by Tranquil IT. What does that mean? In...
This is already the end of the 2018 edition of CyberSecMonth, we hope that you will continue to raise awareness and remain vigilant about the challenges of digital security. On our side, we would like to conclude our CyberAdvice by sharing with you a latest graphic...