Category Post tags , , , , , , , , , , , ,
Under the world, ESET, like a sports team aims to protect the company. The company presents the Dream Team of Information Security and provides 11 essential settings to prevent incidents and malicious attacks: 1. Strong Passwords: As an archer who defends his bow, it is important that access is protected with strong passwords to not receive brute force attacks that can easily gain access to sensitive and confidential information. 2. IDS: Nothing better than a good defender who watch for attacks inside the opponent's area. Similarly, the use of tools such as IDS inform potential cyberattacks. IDS act passively, ie, detect but not prevent attacks. 3. Encryption: Important to have a side Brazilian style that not only defends the arc, but also is capable of carrying the ball safely. Corporate encryption prevent information leakage beforeclaims such as theft or loss of a computer. Without the key to decrypt, you can not access the information and therefore you can not see the files. 4. User Awareness: It is a position that is not always taken into account, but can make the difference in the final result. To prevent that from happening, training and ongoing end-user awareness will help prevent IT risk situations. 5. Security Anti-Spam: You must have a central midfielder to sweep the entire playing field, controlling the attacks of the opposing team. The Anti-SPAM control will help prevent threats from emails, which happen to be one of the most used by attackers to allow, for example, send PDF documents with embedded malicious code vectors. They could also send emails to the victim access to phishing sites, stealing sensitive personal information such as bank details. 6. Adapting the Firewall: A wallin the bottom of the computer rejects any opponent to reach the own goal attempt. Similarly, a good firewall settings can prevent intrusions, allowing manage ports. 7. Security Updates applications: These are complemented by front, giving assistance in the task of ending the opposing team. Installing updates or patches correct potential vulnerabilities in the system; it is advisable to get prior information about what is fixed each update as it could harm the service provided by the team. 8. BYOD Policy: It has some similarities with a midfielder who comes from outside, whose movements should be complementary both in attack and defense not to unbalance the team. In the company it is recommended to define a strict policy regarding the use of personal devices, because otherwise they can become a route of infection for the entire corporate network,besides harming the user. 9. Antivirus: The scorer of the team in charge of fulminate rivals. Antivirus solutions will prevent infection with malicious code, as well as be alerted about arp-type attacks and dns-spoof spoof, among others. Another point to consider is the admission of allowed removable devices to connect via USB, as these tend to be a potential vector through which malware spreads, infecting not only the computer where it was connected, but the entire network. 10. Protection of the BIOS: This is the engagement team, which has the "key" of the goal. In the company, it is advisable to administer password each computer startup (BIOS), because from here you can force booting from a Live-USB for brute force attacks on user sessions, obtaining their passwords. It could also inject malicious code on your hard disk for later execution when the computer start normally.11. Double Authentication: is always there to lend a hand 5 if the equipment is badly. At the corporate level, it is a good practice to add two-factor authentication mechanisms as they strengthen the profiles and user accounts. Thus, if the password is stolen, to validate the service a second password randomly generated and synchronized with the account, either token or sent to a cell phone will be required