- Configure systems, from the first day, with the most secure configuration that your business functionality will allow, and use automation to keep users from installing/uninstalling software
- Use automation to make sure systems maintain their secure configuration and remain fully patched with the latest version of the software (including keeping anti-virus software up to date)
- Use proxies on your border network, configuring all client services (HTTP, HTTPS, FTP, DNS, etc.) so that they have to pass through the proxies to get to the Internet
- Protect sensitive data through encryption, data classification mapped against access control, and through automated data leakage protection
- Use automated inoculation for awareness and provide penalties for those who do not follow acceptable use policy.
- Perform proper DMZ segmentation with firewalls
- Remove the security flaws in web applications by testing programmers' security knowledge and testing the software for flaws
Wednesday, February 6, 2008
Best Practices for Preventing Security Risks
Labels: back-up, information security