Making smart choices about cybersecurity will help you more effectively protect the valuable assets you are already guarding with physical security. Here are ten tips to help guard against a potential cyber attack.
1. Keep appliances current: update software and firmware regularly. As vendors find issues, manufacturers work to create fixes that will help prevent issues later. Your due diligence is required.
2. Passwords as a minimum should be at least 8 characters long and be a combination of letters, numbers, and special characters. Everyone should be assigned their own username and password. This ensures accountability
3. Each user account should only be given the authority to access the resources required to fulfill their specific responsibilities.
4. Every transaction that occurs on the appliance should be logged so that there is a record kept for forensics later. This accounting is a must.
5. Whenever possible, use a firewall appliance between your IT assets and the Internet. At the very least use NAT at your Internet gateway.
6. Use uncommon ports: “security through obscurity.” This creates an additional step when someone is trying to access your appliances.
7. When possible, put your network and IT assets behind locked doors to limit unnecessary access.
8. Make sure you are using password lock-out features for invalid login attempts and if possible, receive notifications of these attempts.
9. Design a plan of who to notify in the instance of your appliances being compromised (or simply if you suspect that they have).
10. If you suspect a vulnerability is due to a flaw with the manufacturer, notify the manufacturer so that they can test. If an issue is found they can also work to fix it.