Have you ever wondered if your tech support guys are doing everything they should to secure your information system and keep it running? After all, unless you’re really technology-savvy, how do you know they’re doing what they need to be doing? There are some fundamental questions you should ask your tech to find out if they are properly managing and monitoring your network for vulnerabilities, security threats, and other issues that could jeopardize your organization.
Here’s an example of a tech not monitoring the security of a water authority’s network. The incident described below has me seriously concerned about other water authorities in South Carolina:
A few months ago, I had to rush my guys out to fix a malware infection for one of the many water districts in South Carolina.
As it turns out, their tech support guys weren’t properly securing their systems, and a hacker broke in and infiltrated their network.
The worst part? … These guys didn’t even detect the infiltration – we did! The water district took us up on our offer to perform an assessment.
We were as surprised as they were to find hackers lurking on their network.
The point is … if you’re working with inexperienced tech support guys, you need to know before something awful happens.
I’ve listed seven questions below that you must ask your tech support guys to gain insight into whether or not they’re really doing their job.
Your tech should have installed scanning software to monitor all entry points from the Internet into your internal network. Unless entry points are adequately secured, a hacker can break in. It’s not easy to identify all the entry points. It takes the experience of a trained, ethical hacker to do this. Your tech’s answer should give you an idea if they are doing this, or if they are even capable of identifying open doors into your network.
Penetration testing (pen-testing) is where a technician simulates a malicious attack from your internal and external users. The tech then analyzes your IT system for any potential vulnerabilities. Pen-testing is a necessary procedure to ensure:
This is what your tech should be doing to detect and locate the unguarded entry points into your network, both internal and external. With this information, he can prevent attacks and viruses from entering.
If your firewall isn’t configured correctly, it acts as an open door to intruders. Your firewall should have configurations applied that are specific to your operations. The tech must set up rules to ensure only authorized traffic can enter your network.
He should also analyze the type of traffic coming into your network. This can be done via proactive and remote monitoring and maintenance (RMM). Ask if he’s doing this and what he’s found. As a matter of fact, he should be providing monthly reports with logs that verify only authorized traffic is entering your network.
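To show what such a monthly verification can look like in practice, here is an added example (not part of the original article and not any vendor's tooling) that compares firewall log entries against a written list of authorized inbound services. The log format, the policy entries and the function names are assumptions made up for the illustration.

```python
import ipaddress
from collections import Counter

# Assumed policy: the only inbound services this organization has authorized.
# (protocol, destination port) -> source networks allowed to reach it.
AUTHORIZED_INBOUND = {
    ("tcp", 443): ["0.0.0.0/0"],        # public web portal
    ("udp", 1194): ["203.0.113.0/24"],  # VPN, vendor network only
}

# Constructed sample log lines in a simplified, hypothetical format:
# date action protocol source_ip destination_port
SAMPLE_LOG = """\
2024-05-01 ALLOW tcp 198.51.100.7 443
2024-05-01 DENY tcp 198.51.100.9 3389
2024-05-02 ALLOW tcp 198.51.100.9 3389
2024-05-02 ALLOW udp 203.0.113.20 1194
2024-05-03 ALLOW udp 192.0.2.44 1194
2024-05-03 ALLOW tcp 198.51.100.9 3389
not a log line
"""

def is_authorized(proto, src, port):
    """True if the policy permits this source to reach this service."""
    nets = AUTHORIZED_INBOUND.get((proto, port), [])
    return any(ipaddress.ip_address(src) in ipaddress.ip_network(n) for n in nets)

def monthly_report(log_text):
    """Count allowed inbound connections that fall outside the policy."""
    violations, unparsed, allowed = Counter(), 0, 0
    for line in log_text.splitlines():
        try:
            _date, action, proto, src, port = line.split()
            port = int(port)
            ipaddress.ip_address(src)
        except ValueError:
            unparsed += 1  # surface unreadable lines instead of hiding them
            continue
        if action != "ALLOW":
            continue       # blocked traffic never entered the network
        allowed += 1
        if not is_authorized(proto.lower(), src, port):
            violations[(proto.lower(), src, port)] += 1
    return {"allowed": allowed, "unparsed": unparsed, "violations": dict(violations)}

if __name__ == "__main__":
    print(monthly_report(SAMPLE_LOG))
```

Any entry under `violations` is traffic the firewall let in that nobody authorized, which is exactly what the monthly report should be expected to show as empty.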
Your anti-virus, IDS, and anti-spyware software must be updated regularly – preferably on a daily basis – to detect and block the most prominent viruses.
An IDS is security software that automatically alerts tech administrators when someone or something is trying to compromise your IT system using malicious activities or by violating security policies. It’s what we mentioned above regarding the RMM.
It automatically monitors your IT system activity by looking for vulnerabilities in your network, checking the integrity of your data, and performing an analysis of ongoing patterns that indicate attacks are taking place. It also monitors the Internet to look for the latest threats to identify whether someone is trying to exploit your information system.
Your anti-virus software will prevent, detect, and eliminate viruses, malware, and worms from your computers. It should include auto-updates, so the software can automatically download profiles of any new viruses and check for these. It’s important to use the right antivirus software for your organization’s purposes. Some can detect specific worms or viruses, where others can’t.
Anti-Spyware detects and removes unwanted spyware programs. It protects against malware being installed on a computer without your knowledge. This is what happened to the water authority mentioned in the first section of this article.
Spyware collects information from your computer. It can also degrade the performance of your computer system because it uses up processing power. Even scarier, it can redirect your browser to malicious sites, or install malicious software.
Your tech may have installed an endpoint protection platform that takes care of all of the last few things we mentioned. It includes antivirus, intrusion detection/prevention, anti-spyware, a personal firewall, and other security solutions for your computer devices.
Whether you manage a water authority in SC or any type of business, it’s important that you stay educated about technology and cybersecurity. This way, you can ask the right questions to determine whether or not your tech support guy is pulling the wool over your eyes.