Improve Security Through People in Four Simple Steps

<p>Organizations have an incredible variety of security solutions to choose from to protect their networks. A walk down the showroom floor at RSA or BlackHat can be downright overwhelming (both the product explanations and the swag). Whatever solutions your security team deploys though it’s important to remember that a few missteps from your staff can make all of those investments a moot point (no Joey, not a moo point). There are also strategies you can follow to help your employees, which in turn helps you. Here are a few people practices that will help protect your network:</p><h3>1. Make a few people’s lives more difficult</h3><p>Namely, your admins. It’s not at all uncommon for someone to request administrative privileges to complete a task. Afterwards, it’s possible that:</p><ul><li>They won’t need access again</li><li>They’ll forget they have admin level privileges</li><li>The real admin will continue access “just in case”</li><li>The wrong people could exploit this</li></ul><p>It seems fairly innocuous, but it’s one of the simplest ways for a network to be breached. The real life equivalent would be handing over the keys to a bank vault to everyone that worked at the bank rather than the one or two who were responsible for retrieving the money.</p><p>The easiest way for an organization to keep money in their metaphorical (or literal) bank is to keep the keys in the right hands. Restrict administrative privileges to those that perform administrative tasks daily. This will mean that admins have to spend more time completing these one-off tasks, but not cutting security corners ensures that organizations can avoid damages to their reputation, property, and personnel. It’s worth it to annoy the few for the benefit of the masses.</p><h3>2. Avoid people altogether</h3><p>Cybersecurity gets a bad rap for antisocial people (not entirely off the mark), but this tip isn’t actually aimed at that. There’s a huge increase in threat complexity and quantity, making automation a critical step for saving time and sanity. Automating manual tasks is beneficial to you and your people - projects are simpler, and the saved time means your analysts can focus their attention on more complex problems. It also eliminates the inevitable human error. Our product <a href="https://www.anomali.com/products/threatstream">ThreatStream</a> automates the normalization, validation, and aggregation of data. Combined with analyst-friendly features, the platform helps to prioritize threats and reduce time to detection. And if you find a time where our platform isn’t proving friendly we have a <a href="https://www.anomali.com/customer-success">great team</a> to help customers out.</p><h3>3. Discipline your people</h3><p>Well, more like teach them some discipline. While the importance of a strong password has been metaphorically beaten into us, many people still fail to enact adequate password measures. Setting up your internal systems to automatically require changing passwords every 30-90 days is an excellent approach, particularly considering that most threats will lurk around for 200 days before wreaking havoc. Another way to deprive potential bad guys entry is to require Multi-Factor Authentication (MFA), where a secondary device is needed to fully access the account in question. Unless your malicious actor has engaged in some serious leg work or intrigue it’s unlikely that they’ll have your credentials and your phone. Most importantly, explain to your employees why these measures are necessary, and demonstrate how quickly someone with the right access and the wrong intentions can do damage.</p><h3>4. Pay attention to your people</h3><p>Possibly the best thing you can do for your employees though is to educate them. One of the most common reasons good security practices aren’t followed is simply that people don’t understand why they’re needed. Or they might be a bit distracted, so the automation mentioned above can help (it’s ok, we’re all human). Taking the time to consider how people work and in turn helping people to understand a bit more about good security practices can keep your people engaged and your systems running smoothly.</p><p>It’s an unfortunate fact that the biggest threat to an organization can be an unwitting or disgruntled employee. These people are your greatest asset though, and it’s worth it to invest in them beyond just proactive damage control. A little recognition for accomplishments can go a long way in boosting morale and encouraging productivity. In the same vein, paying your people well, providing them with benefits, and showing concern for their welfare can provide amazing security results for everyone.</p>