How Do You Prioritize Cybersecurity in Your Daily Operations?

In the ever-evolving landscape of digital threats, prioritizing cybersecurity is a daily challenge for IT professionals. We've gathered insights from Senior Technical Managers to Network Administrators, detailing five key strategies they've put into practice. From implementing Multi-Factor Authentication to proactive monitoring with SIEM, discover how these experts bolster their cyber defenses.

  • Implement Multi-Factor Authentication
  • Respect Data Privacy
  • Adopt Zero-Trust Architecture
  • Utilize Whitelisting and Network Access Control
  • Monitor with SIEM and Respond Proactively

Implement Multi-Factor Authentication

At Go Technology Group, we prioritize cybersecurity in our daily operations in many ways. One primary example is through the implementation of a robust policy mandating multi-factor authentication (MFA) across all systems and applications.

By requiring MFA, the company enhances security measures, proactively mitigates risks associated with cyber threats such as phishing and credential stuffing attacks, ensures compliance with industry regulations like GDPR and PCI DSS, fosters client confidence and trust in data protection, and promotes a culture of cybersecurity awareness and education among employees. This proactive approach underscores Go Technology Group's commitment to safeguarding sensitive information and maintaining the highest standards of security for both internal operations and client-facing services.

Steve Robinson, Senior Technical Manager, Go Technology Group

Respect Data Privacy

Keeping the right mindset about cybersecurity is essential. Sometimes, if we are not careful, we can lose touch with the fact that our keystrokes make real changes that can affect people's lives—either positively or negatively. I've seen it happen. I personally hold to a practice of respecting the data you come in contact with—which means I treat that data as if it were my own. It's never sent to any non-essential personnel, and it's deleted when it's not needed. I don't do things the easiest way, but rather in a way that affords the user the most protection. Personally, I believe that responsible cybersecurity practice should be a concern of every IT professional because handling it responsibly starts with you and grows from there.

Adopt Zero-Trust Architecture

In daily operations, prioritizing cybersecurity involves embedding security measures into every aspect of IT management. For instance, we've implemented a Zero-Trust Architecture (ZTA) policy, which assumes no one, whether inside or outside the network, is trustworthy by default. This policy requires strict identity verification for every person and device trying to access resources on our network, dramatically reducing the risk of breaches. Additionally, we conduct biweekly simulated phishing attacks to train employees on recognizing and reporting suspicious emails. This proactive approach not only fortifies our defenses but also cultivates a security-first mindset across the organization.

Kevin Heinke, IT Manager

Utilize Whitelisting and Network Access Control

As a healthcare system, cybersecurity is always at the forefront of our decision-making. Our IT team keeps the environment secure by whitelisting applications via Windows' SRP, Proofpoint products, and CrowdStrike endpoint protection. SRP was initially some work to set up, but the end result has been very few CrowdStrike alerts, preventing alert fatigue. We also utilize wireless 802.1X and user/machine-based network access, which is currently being rolled out to wired devices as well. Cisco ISE is used for network access control, which integrates nicely with templates in DNA Center and provides accounting for configuration changes.

Monitor with SIEM and Respond Proactively

Proactive security can only be achieved by taking extraordinary precautions and constant monitoring. For example, a company has defined a policy in its SIEM product to warn when transfers exceed a certain bandwidth outside working hours.

At night, someone from IT noticed an unusual data transfer and, when he connected to the network, he realized that an attempt was being made to transfer some database dumps to a server on the external network.

They immediately went to the office, physically disconnected the network, and contacted us, asking for their network to be examined. We performed a penetration test and realized that domain admin rights had been seized thanks to a vulnerability in Active Directory. We took our precautions, adopted this proactive approach, and brought different SIEM policy suggestions to this new customer that he could implement.
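The kind of SIEM policy described in this section (warn when transfers exceed a certain volume outside working hours) can be sketched as follows. This is an added example, not the contributor's or the customer's actual rule; the threshold, working hours, internal address ranges and flow-record format are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, time
from ipaddress import ip_address, ip_network

# Assumed policy values; the page names no threshold, hours or address ranges.
WORK_START, WORK_END = time(8, 0), time(18, 0)
THRESHOLD_BYTES = 500 * 1024 * 1024      # per source host, per hour bucket
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]

# Constructed flow records: timestamp, source, destination, bytes sent.
SAMPLE_FLOWS = """\
2024-03-04T14:10:00 10.0.5.20 203.0.113.50 900000000
2024-03-05T02:05:00 10.0.5.20 203.0.113.50 300000000
2024-03-05T02:40:00 10.0.5.20 203.0.113.50 400000000
2024-03-05T02:15:00 10.0.7.9 10.0.1.4 2000000000
2024-03-09T11:00:00 10.0.8.3 198.51.100.7 600000000
2024-03-05T03:10:00 10.0.9.1 198.51.100.7 1000000
"""

def is_internal(addr):
    ip = ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def off_hours(ts):
    # Weekends count as off-hours in full; weekdays only outside the window.
    return ts.weekday() >= 5 or not (WORK_START <= ts.time() < WORK_END)

def detect(flow_text):
    totals = defaultdict(int)
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        ts = datetime.fromisoformat(parts[0])
        src, dst, nbytes = parts[1], parts[2], int(parts[3])
        # Only internal -> external traffic outside working hours is counted.
        if is_internal(src) and not is_internal(dst) and off_hours(ts):
            totals[(src, ts.replace(minute=0, second=0))] += nbytes
    # Summing per host and hour catches a dump sent as several smaller flows.
    return sorted((src, hour.isoformat(), total)
                  for (src, hour), total in totals.items()
                  if total > THRESHOLD_BYTES)

if __name__ == "__main__":
    for alert in detect(SAMPLE_FLOWS):
        print("ALERT off-hours outbound volume:", alert)
```

Aggregating per host and hour, rather than alerting on single flows, matters here because a database dump moved in several pieces can stay under a per-flow limit while still exceeding the policy in total.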

Copyright © 2024 Featured. All rights reserved.