IT security threats are constantly evolving. It’s time for IT security pros to get ingenious.
- Rename Privileged accounts: to something less obvious than “administrator” (security by obscurity)
- Get rid of Privileged accounts: administrator, domain administrator, enterprise admin etc. Remember that even Microsoft has started doing this since Windows Server 2008.
- Keep Honeypot: Setup a computer asset set up solely to be attacked. They are monitored. When the attacker (hacker, malware) touches it alerts the CISO. (low noise, high value).
- Use non-default ports: Install services on nondefault ports. It works against automated attacks well.
- Install applications in non-default directories: Even OS can be installed this way eg C:/Win10 instead of C:/Windows. Don’t forget to create empty fake folders to mimic the real ones under C:/Windows. It reduces the risk from automated attacks, and immediately you know malware files in c:/windows/system32 folder.
- Tarpits: When the network (and honeypot) has tarpit functionality it answers any nonvalid connection attempt. But this needs to be set up carefully to avoid false positives.
- Network traffic flow analysis: Use free and commercial software to establish baselines for what should be going where. In case of any anomaly, the alarm should ring. This is very effective in preventing large-scale data thefts.
- Screensavers: Password-protected screen saver is a straightforward technique but works every time for the devices that are left idle for a reasonably long time.
- Disable browsing on Servers: Best is not to give internet access to servers that serve internal users only. Consider disabling UAC (User Access Control) on Windows servers.
- Security-minded software development: When getting custom software developed for your needs ensure that code security is built into the design and reviewed from day one of the projects.
- Install SSL Certificate on Internal Servers: That’s why you are on this website. Isn’t it? Start with a 90-day Free SSL Certificate.
If you have learned anything new here please write a comment.
For the full article visit: https://www.infoworld.com/article/2617356/10-crazy-it-security-tricks-that-actually-work.html
11 crazy IT security tricks that actually work