The following are the basic principles and practices used to protect the confidentiality, availability, and integrity of information in an organization. These fundamentals are essential to ensure that a company's information assets are protected against cyber and physical threats. You will learn about these security practices during the boot camp when you start learning about risk management and DLP. For now, let's focus on the basic concepts of security.
It's important to know that the main actors and participants in information management are the users. Therefore, users must be educated in good cybersecurity practices such as:
Practice | Description |
---|---|
Use Strong Passwords | Use strong and unique passwords for all accounts. Avoid obvious passwords like "123456" or "password." |
Two-Factor Authentication (2FA) | Enable two-factor authentication whenever possible. This adds a layer of security by requiring a second form of verification besides the password. |
Regularly Update Software | Keep the operating system and all applications updated with the latest security patches to protect against known vulnerabilities. |
Do Not Open Unknown Emails or Links | Be cautious when opening emails or clicking on links or attachments from unknown senders. Phishing attacks are common. |
Secure Wi-Fi Usage | Avoid connecting to insecure public Wi-Fi networks. Use a Virtual Private Network (VPN) when necessary to protect the connection. |
Beware of USB Devices | Do not insert unknown or suspicious USB devices into the work computer, as they may contain malware. |
Regular Backups | Perform regular backups of important data and store them in a secure location. This helps recover from potential ransomware attacks or other disasters. |
Social Media Security | Limit the personal information shared on social media and adjust privacy settings to reduce exposure. |
Cybersecurity Education | Participate in security training programs and stay informed about the latest threats and tactics used by cybercriminals. |
Avoid Unauthorized Downloads | Do not download software or applications from unreliable sources. Use only legitimate app stores. |
Monitor App Permissions | Review and adjust app permissions to limit access to sensitive information. |
Report Incidents | If there is suspicion of a security incident or unusual activity, report it immediately to the IT team or the company's security department. |
Each User Is Responsible for Their Device | Take care of software installations, computer behavior on the network, and software updates. |
Protect Computer Access | Use a strong password to log in to the computer and change it periodically. This password should not be visible anywhere in the office. |
Best Practices for System Administrators and Cybersecurity Professionals:
Practice | Description |
---|---|
Software Updates and Patches | Keep all operating systems and software up to date with the latest security updates. Apply security patches regularly to fix known vulnerabilities. |
Least Privilege Access | Limit access permissions to systems and data to only what is strictly necessary for users to perform their tasks. Avoid granting excessive privileges. |
Secure Authentication | Use two-factor authentication (2FA) or multi-factor authentication (MFA) whenever possible to enhance account security. |
Continuous Monitoring | Implement security monitoring systems to detect suspicious or unauthorized activities in real time. Configure alerts for significant security events. |
Strong Password Policies | Establish robust password policies that require long, complex, and unique passwords for each account. Encourage regular password changes. |
Patch Management | Have a well-defined patch management process that includes testing, implementation, and monitoring of patches on all systems. |
Data Encryption | Use encryption to protect confidential data, both at rest and in transit. This includes disk encryption and the use of secure protocols for communications. |
Physical and Logical Access Control | Limit physical access to data centers and critical facilities. Implement access controls based on identification cards and visitor log systems. |
Incident Response | Establish an incident response plan that includes detailed procedures for the identification, mitigation, and recovery of security incidents. |
Network Segmentation | Divide the network into segments to reduce exposure in case of an attack. Implement firewalls and security rules to control traffic between segments. |
Audits and Security Assessments | Conduct regular security audits and assessments to identify potential vulnerabilities and areas for improvement in the IT infrastructure. |
Continuous Training | Stay updated on the latest cybersecurity threats and trends through training and participation in security communities. |
Data Retention Policies | Establish clear data retention policies to ensure that data is stored for the necessary time and securely deleted when no longer needed. |
Event Logging and Auditing | Maintain detailed logs of events and activities on the network and systems. Implement auditing systems and regularly review logs for suspicious activities. |
Redundancy and Data Backup | Implement redundancy strategies and regularly back up critical data. Ensure that backups are stored securely and are recoverable in case of disasters or incidents. |
☝Remember that cybersecurity is a culture and a task for everyone. Let's consider a simple example:
When you go out on the street, you always take precautionary measures. You know which are the safest streets, and the safest time to be out. You should verify that the address you are visiting is available, evaluate public transportation, and choose the safest route to walk. You also check the weather to decide whether to bring an umbrella or not. Likewise, you are aware that if something happens, there are security forces on the street to support you once you have been compromised or your physical integrity is at risk.
The same applies in cyberspace. As a user, you are the person chiefly responsible for your own safety on the network, and as a cybersecurity professional, you are responsible for prevention, detection, and mitigation when a system has been compromised.