Quick Recap (and Tips) from SolarWinds Security Week


Published on

Get a quick recap from SolarWinds Security Week and walk away with some Security tips you can put into action today.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Quick Recap (and Tips) from SolarWinds Security Week

  1. 1. 1 Security Tips from SolarWinds Security Week “A Quick Recap” © 2013, SolarWinds Worldwide, LLC. All rights reserved.
  2. 2. 2 Agenda » Day 1: Social Engineering » Day 2: Unauthorized USB Access & Data Loss » Day 3: Boisterous Network Users » Day 4: Resetting Passwords » Day 5: Risks with Unpatched Applications » 5 Tips to Reduce User Administration on your FTP Server » Top 10 Online Security Tips 2
  3. 3. 3 Day 1: Social Engineering » Social engineering is a human hacking tactic, that involves unsuspected social engineers who take advantage of the gullible nature to extract information such as credentials, access codes, financial and trade secrets, and any other sensitive data that the victim is privy to. » Tips to Stay Secure: • Be aware of social engineering attacks. Educate your peers, employees and friends. • Do not divulge personal information and company data to any untrusted source, however convincing and genuine it may look. • If you are suspicious of any person or specific email, report the case to your organizational authorities and IT security teams. SOLARWINDS SECURITY WEEK Learn more on Social Engineering >>
  4. 4. 4 Day 2: Unauthorized USB Access & Data Loss » It refers to the loss of sensitive/confidential information owing to usage of USB drives and other mass storage media » Tips to Stay Secure: • Set up access rules & policies so only authorized employees have USB access • Ensure to remove sensitive information access from employees once the purpose of using the information is fulfilled • Do not leave old or unattended data on end- user systems • Build strong BYOD usage policy and disallow using employee-owned handheld devices as mass storage devices for data transfer • Monitor the log activity of all your enterprise workstations and USB endpoints Learn more on USB Security threats >> SOLARWINDS SECURITY WEEK
  5. 5. 5 Day 3: Boisterous Network Users » On this day, we discussed about unruly users taking advantage and indulging in malicious network activities » Tips to Stay Secure: • Create means to know who and what connects to your network • Keep a watch on suspicious devices in the network • Build alerting methods and quickly pull out information to locate a device • Restrict and monitor Wi-Fi access • Maintain data to track device usage history • Set-up mechanisms to immediately detect and remediate rogue SOLARWINDS SECURITY WEEK eBook: 3 Simple Steps to take charge of Your Network Access Security >> Whitepaper: Detecting and Preventing Rogue Devices >>
  6. 6. 6 Day 4: Resetting Passwords » Even though it’s simple to reset a user account password, for an IT administrator like you, who has a ton of other critical stuff to do, it takes time. And, it’s definitely no fun at all considering the number of help desk tickets that you resolve for this task each day. » Tips to Stay Secure: • Set up automatic password change reminders that prompt the end-users in advance of password expiry. • Provide self-service options to end-users to reset password using a Web interface. • Have KB articles built into your help desk software so that the user gets tips to reset the password on their own. • Institute an automated system in place that can help reset AD password automatically when a user is locked out of their account. SOLARWINDS SECURITY WEEK Whitepaper: Monitor User Logon Actions >>
  7. 7. 7 Day 5: Risks with Unpatched Applications » There are several reasons, why it’s tough for IT admins to achieve patch remediation smoothly and one among those is surprisingly the users themselves, who never show the lightest of interests to keep their systems and third-party applications patched and updated to the latest versions. » Tips to Stay Secure • Auditing systems for identifying missing patches and vulnerable systems • Deploying updates systematically in order to eliminate application vulnerabilities in your endpoints. • Automating the patch management process to ensure the operating systems and third-party applications are patched in a timely fashion. SOLARWINDS SECURITY WEEK Learn more on Mitigating the risks of Unpatched Applications >>
  8. 8. 8 5 Tips to Reduce User Administration on your FTP Server 1. Authenticate Company Employees Through Active Directory 2. Authenticate External Partners Through a DB Connection 3. Allow End Users to Change Their Own Passwords 4. Send Password Expiration Notifications via Email 5. Allow End Users to Trigger Their Own Password Reminders DO YOU HAVE OTHER SECURITY CHALLENGES? • Be sure to check out SolarWinds Security site, or leave your thoughts and comments below. SOLARWINDS SECURITY WEEK
  9. 9. 9 Top 10 Online Security Tips 1. Don't be Over-Trusting! 2. Strengthen Passwords 3. Beware of Phishing & Malware Sites 4. Keep an Eye Out for Website Certificates 5. Insecure File Sharing: A Vulnerability Gateway 6. Dangers of Insecure Wi-Fi & Unsafe Public Networks 7. Be Discreet with Social Engineering Sites 8. Remove Unused Software, Browser Plug-ins & Extensions 9. Keep Browsers, Third-party Apps & Operating System Up to Date 10. Ensure Your VoIP Communication is Foolproof SOLARWINDS SECURITY WEEK
  10. 10. 10 Thank You!