1 / 19

Secure Online Presence

Secure Online Presence. Savio Fernandes Savio.CISSP@gmail.com. Rule #1: Determine the value of Information that you want to secure. Then decide on the investments that you need to make. The cost of the security solution should not exceed the value of the information.

kiora
Télécharger la présentation

Secure Online Presence

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Online Presence Savio Fernandes Savio.CISSP@gmail.com

  2. Rule #1: Determine the value of Information that you want to secure • Then decide on the investments that you need to make. • The cost of the security solution should not exceed the value of the information Image taken from http://dailycupoftech.com/10-ways-to-protect-your-home-network/

  3. Rule #2: Classify your information • Also determine who is authorized to access the information Image taken from http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci995767,00.html

  4. Rule #3: Different level of sensitivity will require different security levels. Image taken fromhttp://www.accessandprivacy.gov.on.ca/english/pub/iaa.html

  5. Endpoint Security Management Image taken fromhttp://www.networkd.co.uk/securitysuite.html

  6. Patch Management Apply patches but test before deploying on production servers. Image taken from http://www.microsoft.com/technet/security/guidance/patchmanagement/secmod193.mspx

  7. Windows Patches Visit http://windowsupdate.microsoft.com for patches. All Critical (Express) patches should be applied

  8. Microsoft Update Get all Microsoft updates in one place: http://www.update.microsoft.com/microsoftupdate

  9. Ensure that the anti-virus software is configured to receive the latest updates automatically Image taken from http://www.secured-networking.com/email_security.htm

  10. Host Based Intrusion Detection System (IDS) should be deployed on servers in addition to the network IDS Image taken from http://www.secureworks.com/services/managed/host_intrusion_prevention.html

  11. Protect your Application and database severs via additional firewalls. • Internet users should not be able to reach the application and database servers directly. • Only the webserver should be able to access the application servers. • You should also have another firewall in front of the webserver preferably of a different make than the other firewalls. Image taken fromhttp://www.dmreview.com/editorial/dmreview/200209/200209_014_1.gif

  12. Security Audit - Nessus • You should conduct a weekly audit of your infrastructure with tools such as Nessus (Freeware) Snapshot of Nessus product – downloaded from http://www.nessus.org/nessus/

  13. Beware of Zero-day Attacks Image taken fromhttp://www.guardsite.com/ZeroDayProtection.asp

  14. Install the Free McAfee SiteAdvisor Snapshot of page taken fromhttp://us.mcafee.com/root/product.asp?productid=sa&cid=26044

  15. Heed the advise given by McAfee SiteAdvisor when downloading software Google search output - http://www.google.co.inwhen a search was made for “free networking tools”

  16. Subscribe to Security Newsletters Snapshot of page at http://www.computerworld.com/action/member.do?command=registerNewsletters&intsrc=hm_nav_nl

  17. Incident Response Report the computer incidents to the National Computer Incident response team. e.g. In India log the incident at http://www.cert-in.org.in/ Snapshot of US-CERT home page at http://www.us-cert.gov/

  18. Thank You • T Image taken from: http://www.shepherd-wireless.com/freequote.html

  19. Disclaimer "The images presented and products referenced are the intellectual property of their respective owners.  The use of such images is for non-commercial educational purposes only and no claim otherwise is made regarding the said images."

More Related