Hey everyone, Hope everyone is safe and Secure
We have seen lots of Tutorials, tools, techniques and Methodologies in Penetration Testing So far.
It’s Time to gain some information on Policies too.
What is a Security Policy?
A set of Rules that constrains organization with the specific practices to be followed against security threats. Security policy clearly states with what are all the risks and threats can take down an organization if the security policies are not implemented properly. It clearly reveals what are all the assets at risks in an organization.
Security Policies are always designed with CIA Triad in mind
Confidentiality – Keeping Confidentiality with the data and assets of your client is your main objective in here
Integrity – Trust Worthiness of the Security firm regarding the assets security in clients system. Prevention of unauthorized entries
Availability – Is assets are readily available for the clients and protected from several Lethal and deadly attacks like DDoS on a server.
Simple and Effective Security policies are always in demand. Strict policies in the play lesser the attacks and breaches.
Several Policies are available to look for in security perspective, all are combined and comes under these three major categories.
3) Backup and Disaster Recovery.
Authentication and Authorization policies:
1. Strong Passphrase (eg. My$erv3rUn8reak4bl3) is advised over strong passwords. Strong Passwords should contain minimum 8 characters including special characters, alphanumeric letters.
2. Sharing and Storing of passwords should be prohibited by any medium.
3. Strong Password manager with Encryption should be employed to avoid forgetting passwords and protecting them from being accessed.
4. SSH Keys are mandatory to avoid brute force attacks.
5. Do not link any of your password into any cloud storage. CSP vulnerabilities may reveal your Passwords too.
6. Regular automated scheduling of password change feature should be implemented to change the passwords on regular basis.
7. Deletion of Ex-Employees will prevent un-authorized access to the servers or systems.
Assets and Physical Security Policies:
1. Physical Access to the server should be only allowed to the authorized personnel.
2. Systems and Servers should be updated and patched regularly with latest security patches.
3. Disable Unused and unnecessary services and ports should be kept closed. So attackers will not have much interaction with the ports.
4. Check your logging functionality in your security systems and servers like IDS, IPS, Firewall.
5. Always use least privileged user in the systems to prevent unauthorized personnel. Privilege escalation will not happen with most of the cases.
BACKUP AND DISASTER RECOVERY
1. Management plans should be always readily available in all the cases like Vulnerabilities, threats, Backup and Disaster too.
2. Backup should be taken in regular time period and stored according to clients need. Reliable backup always helps organization to recover quickly from major breaches.
3. Disaster Recovery Plans and Management Cycle will always be readily available to manage if something misshapen. Disaster recovery relies on teams that involves back up and threat management people who can help disaster recovery with quicker recovery.
One who really wants to get into Policies, Standards, Auditing needs to know how to design a basic security policy for an organization.
Today’s Blog will be the right point to start your Career on Policies.
Stay tuned with us
stay safe and Secure
SAM NIVETHAN V J
SECURITY ANALYST & TRAINER