Home Solutions Help Me! About Testimonials Contact

 

Security Bulletin

          In the last month, RESTECH has proactively identified several internet threats that have been attempting to gain unauthorized access into client networks and we have prevented their access.  By using a common administrative utility, the attackers were attempting to crack passwords by using a combination of common usernames and passwords.  While this is one example of a weakness that they have taken advantage of, there are many, many more like it. 

          RESTECH customers are encouraged to take network security seriously and eliminate areas of weakness where applicable. Some common things that customers can change to strengthen the security of their network are:

  1. Secure passwords. Passwords should be 7 or more characters long, include an upper and lower case characters and at least one number or symbol. Passwords should be something that only YOU would know.  For instance, a good password would be 0ct0B3r9th! or D0n7tellinee1!.   These examples meet all of the criteria specified above and formed cleverly enough to remember. Avoid dictionary words, foreign language words or scripture passages, unless you have mangled them in some way. Ex: Luke 16:10, could be l00kSXTeen-10. 
  2. Lock down any unnecessary ports on your firewall. Firewalls should have only absolutely necessary ports opened.  If remote administration is a concern, then using a secure VPN to access the network is suggested as opposed to Remote Desktop Protocol or VNC. Remote access is crucial for most businesses and allowing well knows ports to remain open for convenience is an invitation to disaster.
  3. Internet and remote access control – Internet usage should be viewed as a privilege, not a right.  A business today needs to be able to enforce acceptable use policies with their staff.  Only the correct application of technologies can provide this level of enforcement and reporting.
  4. Keep up to date antivirus deployed throughout the network. Networks should be protected with a managed antivirus client.  Examples include McAfee Enterprise, Trend Micro’s Worry Free Business Solution, or Symantec’s Endpoint Protection.  These programs will assist in keeping viruses and spyware off of the network, which in some cases allows a backdoor entry into client networks.
  5. Beware of social engineering.  Information about your network should be kept confidential and passwords should not be given to ANYONE, including other employees. You may have access into confidential information that others may access with your logon credentials.
  6. Web filtering is an effective measure when combined with antivirus. Web content filtering can improve productivity, and deny access to websites that may have harmful content loaded.
  7. Effective logging and network monitoring is key to identifying threats and protecting yourself from them. Configuring auditing in Windows allows administrators to view failed AND successful access to network resources. This can be something as simple as a logon, or maybe something more detailed like who accessed, modified, or deleted a particular file. Network monitoring allows a detailed view of network resources and how they are being spent. This can be an effective measure when tracking down an offending machine on the network.
  8. An Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) appliance can significantly decrease your attack surface from the internet. These devices prevent attackers from gaining knowledge about your network by means of port scans, prevent brute force attacks, and Denial of Service (DOS) attacks.

          An important concept to remember about security is that it is best deployed in layers. Having strong passwords is a good first step, but ultimately is not a complete solution. ANY password can be cracked if the attacker has unlimited time to work on a target.  Additionally, some viruses also include a key logger, which as the name implies, records your keystrokes and reports them to the attacker.  ( See Actual Hacker Attack )

 

          RESTECH is determined to provide the necessary knowledge about these threats, and to assist customers in protecting business assets from them. Each of the items discussed above are measures that RESTECH provides to our Managed Services clients and are available to non-Managed Services clients at normal billing rates.  Protecting our clients and providing expert service are areas that RESTECH specializes in. For additional information on our Managed Services solution, please contact Delous Smith at 504-733-5633 or delous@restech.net.

 

 
Copyright © 2012 RESTECH Information Services Inc. All Rights Reserved.
Home  ||   Solutions  ||   Help Me!  ||   About  ||   Testimonials  ||   Contact  ||   News  ||   Articles  ||   HP Authorized Partner
Hewlett Packard  ||   Services  ||   Security  ||   Virtualization  ||   Disaster Planning  ||   Email Archiving
Unified Communication  ||   Cabling  ||   Cisco Showcase||  HP Showcase
Privacy Policy  ||   Terms of Use  ||   Site Map
News Articles