14 DAY TRIAL // Russell Eubanks from SANS Institute wrote a paper called “A Small Business No Budget Implementation of the SANS Top 20 Critical Security Controls” that should help companies better protect themselves against cyberattacks by implementing a few simple rules.
The SANS 20 Security Controls, developed in 2009, were made with the purpose of aiding businesses better secure their networks with a permanent and continuous monitoring of their assets.
These controls involve all sorts of things and each of them is explained in detail in Eubanks' piece. Company managers can easily find out how they can implement efficient measures without having to spend a fortune on expensive equipment and software.
Some of the steps talk about a complete inventory of authorized and unauthorized devices and software used inside the company. As we've seen in another study, these devices can help or they can compromise the entire process that takes place in an organization.
Laptops, servers and workstations have to be completely secure from a hardware and software point of view. The author of this piece believes that all these devices should be standardized so they would all have the same secure configuration. Close monitoring would later reveal if something is faulty or if the network is under threat.
Network devices should also have the same security configurations in order to have a better control of the situation.
Managers should also focus on the traffic coming and going from the LAN of the company. Boundary defense is highly important when it comes to protecting corporate data.
The study carefully analyzes all these things and others such as the maintenance and the analysis of audit logs, the security of software applications, administrative privileges, vulnerability assessment and remediation, accounts monitoring, malware defenses, data loss prevention and data recovery capabilities.
Dell KACE revealed that more and more company representatives fear hackers and the solutions offered by the above-mentioned research could provide a real aid, especially for those who lack the financial resources.