Being the victim of a cyber-attack can be scary, expensive and potentially business-crippling. So how do you prevent a cyber-attack? Start with making security a priority for all IT operations, and the first place to start is by making systems as ‘hacker proof’ as possible: Gold Build Standard? Corporate Build / Hardened Build? Controlled Image? Baseline Configuration?
Despite the increased sophistication employed by hackers for both external and internal attacks, around 80% of all reported breaches continue to exploit known, configuration-based vulnerabilities. Server or system hardening is, quite simply, essential in order to prevent a data breach.
As data breaches continue to increase in severity and scale, more than ever organizations need to ensure they have the basic security controls in place to keep their data safe from attack. In response to today’s growing threat landscape, the SANS Institute, together with the Center for Internet Security (CIS) have developed the 20 CIS Controls (CSC) to give organizations clarity on what really needs to be focused on in terms of security best practices.
In recent years, with the rapid rise of cloud computing, the virtualization of applications and infrastructure has been replacing traditional in-house deployments of applications and services. It’s currently more cost-effective for organizations to rent hardware resources from companies like Microsoft, Amazon, and Google and spin up virtual instances of servers with the exact hardware profiles required to run their services.
Systems are constantly changing. Change and configuration management best practices allow organizations to keep track of configuration changes in a way that allows for rapid feature updates without any service outages, but many organizations struggle to find the ideal formula to make this process successful. So, what are the best practices in change and configuration management?
In order to maintain the integrity of a Windows file system, File Integrity Monitoring is applied to ensure no unauthorized changes are made to files, folders or configuration settings.
Within the FIM technology market, there are choices to be made. Agent-based or agentless is the most common choice, but even then there are both SIEM and ‘pure-play’ FIM, solutions to choose between.
