Post on 16-Apr-2017
transcript
5 NSA CYBERSECURITY TIPS
cc: Simon Greig Photo - https://www.flickr.com/photos/32563803@N00
THESE TIPS ARE STRAIGHTFROM THE NSA WEBSITE
cc: RuffLife - https://www.flickr.com/photos/40993822@N06
WWW.NSA.GOV/IA
cc: AMWRanes - https://www.flickr.com/photos/59525567@N00
TELLS ME THESE WILL NEGATE 95% OF ALL ATTACKS
MY NSA CONNECTION
cc: MANYBITS - https://www.flickr.com/photos/38176611@N04
THEY'RE SIMPLE
AND INEXPENSIVEcc: Dave Dugdale - https://www.flickr.com/photos/37387065@N05
1. USE WHITELISTS
cc: Ludwig Gatzke - https://www.flickr.com/photos/16851909@N00
BY DEFAULTEVERYTHING ELSE IS BLOCKED
cc: timothymeaney - https://www.flickr.com/photos/41101678@N00
DECIDE WHICH PROGRAMS ARE ALLOWED TO RUN
ONLY ADMINISTRATORS
cc: USAID_IMAGES - https://www.flickr.com/photos/46658241@N06
2. CONTROL ADMIN PRIVILEGES
cc: Poster Boy NYC - https://www.flickr.com/photos/26296445@N05
GRANT PRIVILEGESONLY WHEN ABSOLUTELY NECESSARY
cc: colemama - https://www.flickr.com/photos/33901022@N00
LOG & MONITOR
ADMINISTRATOR ACTIVITYcc: casey.marshall - https://www.flickr.com/photos/25299470@N00
ADMINSTRATIVE ACCOUNTS
• No email account • Not connected to internet • Two factor access
cc: chrisinplymouth - https://www.flickr.com/photos/21450297@N06
ADMINISTRATOR PASSWORDS
• Can't reuse • Greater than 14 characters • Must change frequently • Good policy for entire
organization
cc: mkandlez - https://www.flickr.com/photos/25541021@N00
RESTRICT WHERE & WHENADMINISTRATORS CAN ROAM
cc: samgrover - https://www.flickr.com/photos/44124379481@N01
3. LIMIT WORKSTATION TO WORKSTATION
COMMUNICATION
cc: Wiertz Sébastien - https://www.flickr.com/photos/36169570@N08
REALLY?HARD TO BELIEVE IT'S STILL ALLOWED ANYWHERE
cc: Greencolander - https://www.flickr.com/photos/37539977@N00
4. USE ANTI-VIRUSFILE-REPUTATION-SERVICE
cc: Bruno Santos - https://www.flickr.com/photos/65062705@N00
MUST HAVE
COMPLETE THREAT PICTURE AT ALL TIMEScc: Hkuchera - https://www.flickr.com/photos/59263064@N00
WITHIN SECONDS INSTEAD OF HOURS OR DAYS
UPDATEScc: wwarby - https://www.flickr.com/photos/26782864@N00
5. ANTI-EXPLOITATIONTURN IT ON
cc: moofbong - https://www.flickr.com/photos/81314692@N00
IS USUALLY A HACKER'S FIRST STEP
EXPLOITATIONcc: dustball - https://www.flickr.com/photos/85783274@N00
EFFECTIVE AGAINST
COMMON ATTACKScc: Tddy - https://www.flickr.com/photos/40434084@N06
STANDARD EQUIPMENT
AND IT'S FREEcc: othree - https://www.flickr.com/photos/12452841@N00
IMPLEMENT THESE STEPSTODAY
cc: c.fuentes2007 - https://www.flickr.com/photos/22143940@N08
SHARE