Advantage recommends the following internal network controls for all our clients. While every company is different, we believe these basic safeguards should be standard for all businesses that use technology.
- Quarterly security updates downloaded and installed for all devices ex. Server, workstations, tablets, phones
- Ensure that all operating systems and applications are at their most current and secure version by enabling automatic updates from the vendor
- Centralized User Controls (i.e., Active Directory, Azure AD, or other 3rd Party option)
- Least Privileged access with documentation and policies (see User Controls)
- Lockout Policies-
When someone attempts many unsuccessful passwords trying to log on to your system might be a malicious user who is attempting to determine an account password by trial and error.
Windows domain controllers keep track of login attempts and can respond to this type of attack by disabling the account for a period of time.
- All network shares limited to authenticated users only
- Shared folders and documents should be used by known network users only
- Share only necessary information.
- Use strong encryption to secure files when you transfer them to others
- Change default passwords on all devices to Unique passphrases for each critical account.
- Firewall Rules enabled on all applicable devices (see Firewall Policies and Procedures)
- 2FA on all applicable accounts – Two Factor Authentication
- DNS Filtering and Logging
- Antivirus software installed and updated on all applicable devices (not using default OS tools)
- Ensure redundant storage of critical information
- Maintain regularly scheduled data backup