
An Insight into General Business IT Technical Security Best Practice Principles


IT security is far more than installing a firewall and running a quick vulnerability scan. It needs to bring people, process and technology together to form a culture that supports a comprehensive, proactive and reactive protection strategy.

It is important to recognise how much security matters, especially in an age where attacks are becoming more frequent and easier to carry out through the exploitation of an increasing volume of everyday devices such as the Internet of Things (IoT).

Security also needs to be balanced realistically against cost, complexity and the classification of the data you are trying to protect. For example, data that is freely available in the public domain needs less protection than a PCI compliant environment that hosts credit card information.

Here are a few best practice principles to consider when designing new environments and systems.


  • Security needs to be applied all the way up the stack in a layered model: networking, servers, application.
  • A demilitarized zone (DMZ) with tiered traffic segmentation is a proven network design that reduces attack surface and blast radius while shielding back-end servers from external attacks.
  • Sensitive data should be encrypted at rest and in transit.
  • Encryption keys need to be stored in a secure, audited key vault; there is no point having encryption if you are not going to protect the keys!
  • A strong identity, access and authorisation model should be created, based on need-to-have, least-privilege rights, enforced password complexity with a password expiry policy, and multi-factor authentication (MFA).
  • A robust data backup strategy should be in place to provide a recovery model for both technical incidents and security incidents.
  • Build detective controls to record activity and audit trails.
  • Security should be tested regularly through a combination of vulnerability scans and penetration testing.
  • Compile a business-wide incident response plan. Plan how to respond in a fast, effective and comprehensive manner to threats such as advanced persistent attacks, data theft, disruption of services and reputational damage. Have a tested end-to-end process, along with the resources and response expertise to execute it.
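Two of the principles above, a least-privilege authorisation model and detective controls that record an audit trail, can be shown together in a few lines of code. The following is an added example written for this page, not code from itpentest.com or any product it describes. It assumes a small, constructed role-to-permission table (the roles, users and resources are made up), makes every access decision default-deny, and writes each decision, allowed or denied, to an append-only log in which every record carries the SHA-256 hash of its predecessor. The hash chain is the detective part: editing or deleting any earlier record breaks every hash after it, and `verify()` reports where the chain first fails.

```python
"""Least-privilege access check logged to a tamper-evident audit trail.
Added example; roles, users, resources and timestamps are all constructed."""
import hashlib
import json
from datetime import datetime, timezone

GENESIS_HASH = "0" * 64  # anchor that the first record chains to

# Hypothetical role model: each role is granted only the rights it needs.
ROLE_PERMISSIONS = {
    "analyst": {("report", "read")},
    "dba": {("database", "read"), ("database", "write")},
    "auditor": {("audit-log", "read")},
}


def is_permitted(role, resource, action):
    """Default-deny: a (resource, action) pair must be explicitly granted."""
    return (resource, action) in ROLE_PERMISSIONS.get(role, set())


def _record_hash(prev_hash, entry):
    # Canonical JSON so the same entry always hashes the same way.
    payload = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()


class AuditTrail:
    """Append-only log; each record commits to the hash of the one before it."""

    def __init__(self):
        self.records = []

    def append(self, entry):
        prev = self.records[-1]["hash"] if self.records else GENESIS_HASH
        rec = {"entry": entry, "prev": prev, "hash": _record_hash(prev, entry)}
        self.records.append(rec)
        return rec

    def verify(self):
        """Return (True, None) if the chain is intact, else (False, first bad index)."""
        prev = GENESIS_HASH
        for i, rec in enumerate(self.records):
            if rec["prev"] != prev or _record_hash(prev, rec["entry"]) != rec["hash"]:
                return False, i
            prev = rec["hash"]
        return True, None


def authorise(trail, user, role, resource, action, when):
    """Make the access decision and record it whether it was allowed or denied."""
    allowed = is_permitted(role, resource, action)
    trail.append({
        "ts": when.isoformat(),
        "user": user, "role": role,
        "resource": resource, "action": action,
        "outcome": "allow" if allowed else "deny",
    })
    return allowed


# Constructed sample activity; fixed timestamps keep the run deterministic.
SAMPLE_REQUESTS = [
    ("alice", "analyst", "report", "read"),
    ("alice", "analyst", "database", "write"),  # outside her role: denied
    ("bob", "dba", "database", "write"),
    ("mallory", "guest", "audit-log", "read"),   # unknown role: denied
]


def run_sample():
    """Replay the sample requests and return the trail plus the decisions."""
    trail = AuditTrail()
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    outcomes = [
        authorise(trail, user, role, res, act, t0.replace(minute=i))
        for i, (user, role, res, act) in enumerate(SAMPLE_REQUESTS)
    ]
    return trail, outcomes


def tamper_and_verify():
    """Rewrite a denied decision to 'allow' after the fact; the chain exposes it."""
    trail, _ = run_sample()
    trail.records[1]["entry"]["outcome"] = "allow"
    return trail.verify()


if __name__ == "__main__":
    trail, outcomes = run_sample()
    print("decisions:", outcomes)            # [True, False, True, False]
    print("chain intact:", trail.verify())   # (True, None)
    print("after tampering:", tamper_and_verify())  # (False, 1)
```

Two design points are worth noting. Denied requests are logged as deliberately as allowed ones, because repeated denials are often the earliest signal of misuse that a detective control can surface. And the hash chain only makes tampering evident, not impossible; in a real deployment the log would be shipped to a separate, write-restricted store (or the chain heads periodically signed) so that the people whose actions are recorded cannot simply rebuild the chain.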