Hey everyone, hope everyone is safe and secure.
We have seen lots of tutorials, tools, techniques, and methodologies in penetration testing so far.
It’s time to gain some information on policies too.
What is a Security Policy?
A security policy is a set of rules that binds an organization to specific practices to be followed against security threats. It clearly states which risks and threats could take down the organization if the policies are not implemented properly, and it reveals which assets in the organization are at risk.
Security policies are always designed with the CIA triad in mind.
Confidentiality – keeping the data and assets of your client confidential is your main objective here.
Security Policies:
Simple and effective security policies are always in demand. Strict policies in play lessen attacks and breaches.
Several policies are available from a security perspective; all of them combine and fall under these three major categories.
1) Accessibility
2) Security
3) Backup and Disaster Recovery
ACCESSIBILITY
Authentication and Authorization Security policies:
1. A strong passphrase (e.g. My$erv3rUn8reak4bl3) is advised over a strong password. Strong passwords should contain a minimum of 8 characters, including special characters and alphanumeric letters.
2. Sharing and storing of passwords by any medium should be prohibited.
3. A strong password manager with encryption should be employed to avoid forgetting passwords and to protect them from being accessed.
4. SSH keys are mandatory to avoid brute-force attacks.
5. Do not link any of your passwords to any cloud storage; CSP (cloud service provider) vulnerabilities may reveal your passwords too.
6. Regular automated scheduling of password changes should be implemented so that passwords are changed on a regular basis.
7. Deleting ex-employees' accounts will prevent unauthorized access to servers or systems.
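As an added example (not from the original post), here is a small Python check for the password rules stated in point 1: at least 8 characters, with letters, digits and special characters. The passphrase-length threshold of 16 is my own assumption, since the post names no number; the sample inputs are constructed.

```python
import string

# Thresholds from the post: minimum 8 characters, with special characters
# and alphanumeric letters. PASSPHRASE_MIN is an assumption (not from the post):
# anything this long or longer is treated as a passphrase, which the post advises.
MIN_LENGTH = 8
PASSPHRASE_MIN = 16
SPECIAL_CHARS = set(string.punctuation)


def check_password_policy(candidate: str) -> list[str]:
    """Return the list of policy rules the candidate violates.

    An empty list means the candidate is compliant. Returning reasons rather
    than a bare boolean lets a registration form or audit script tell the
    user exactly which rule failed.
    """
    failures = []
    if len(candidate) < MIN_LENGTH:
        failures.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isalpha() for c in candidate):
        failures.append("contains no letters")
    if not any(c.isdigit() for c in candidate):
        failures.append("contains no digits")
    if not any(c in SPECIAL_CHARS for c in candidate):
        failures.append("contains no special characters")
    return failures


def is_compliant(candidate: str) -> bool:
    """True when the candidate meets every rule in the policy."""
    return not check_password_policy(candidate)


def classify(candidate: str) -> str:
    """Label a compliant candidate as 'passphrase' or 'password' (assumed cut-off)."""
    if not is_compliant(candidate):
        return "non-compliant"
    return "passphrase" if len(candidate) >= PASSPHRASE_MIN else "password"


if __name__ == "__main__":
    # Constructed samples: the post's own passphrase plus two weak candidates.
    for sample in ("My$erv3rUn8reak4bl3", "password", "Abc123"):
        print(f"{sample!r}: {classify(sample)} {check_password_policy(sample)}")
```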
SECURITY
Assets and Physical Security Policies:
1. Physical access to the server should be allowed only to authorized personnel.
2. Systems and servers should be updated and patched regularly with the latest security patches.
3. Unused and unnecessary services should be disabled and their ports kept closed, so attackers have less to interact with on the ports.
4. Check the logging functionality in your security systems and servers, such as IDS, IPS and firewalls.
5. Always use least-privileged users on the systems to keep out unauthorized personnel; privilege escalation will then not happen in most cases.
BACKUP AND DISASTER RECOVERY
1. Management plans should always be readily available for all cases: vulnerabilities, threats, backup and disaster too.
2. Backups should be taken at regular intervals and stored according to the client's needs. Reliable backups always help an organization recover quickly from major breaches.
3. Disaster recovery plans and a management cycle should always be readily available in case something goes wrong. Disaster recovery relies on teams that involve backup and threat management people who can help achieve a quicker recovery.
Anyone who really wants to get into policies, standards, and auditing needs to know how to design a basic security policy for an organization.
Today’s blog is the right point to start your career in policies.
AUTHOR
SAM NIVETHAN V J
SECURITY ANALYST & TRAINER