Cyber Security

UNIT 5
End Point device and mobile security

An endpoint device is any hardware or software that communicates with a network or system.
It is typically the point where users or applications access or interact with network resources.

Types of Endpoint Devices:

➢Computers: Laptops, desktops, workstations.
➢Mobile Devices: Smartphones, tablets.
➢IoT Devices: Smart thermostats, security cameras, wearable devices (like fitness trackers).
➢Networking Devices: Routers, switches (although sometimes classified differently in
network architecture, they can also serve as endpoints in certain contexts).
➢Printers, Scanners, and Other Peripherals: Any device connected to the network for
printing, scanning, etc.
Endpoint Devices Security (General
Devices)
• Endpoint devices are hardware devices like computers, laptops,
mobile phones, tablets, IoT devices, printers, and any other device
that connects to a network.
• These devices are used to access, input, and output data, and are
key points of interaction between users and the network.
Types of Security Threats to Endpoint
Devices
➢Malware: Viruses, ransomware, spyware, and Trojans that can
compromise the device’s integrity and steal or corrupt data.
➢Phishing Attacks: Social engineering tactics to steal credentials,
sensitive information, or access to systems.
➢Data Breach: Unauthorized access to sensitive or confidential data
stored or processed on the device.
➢Device Theft: Loss or theft of devices containing sensitive information,
which may lead to unauthorized access if unprotected.
➢Vulnerabilities: Unpatched software or insecure configurations can
make endpoint devices vulnerable to exploitation by attackers.
Endpoint Security Measures
➢Antivirus and Anti-malware Software: To detect and prevent
malicious attacks and to safeguard devices.
➢Firewalls: Both hardware and software firewalls protect devices from
unauthorized access or cyberattacks.
➢Encryption: Encrypting sensitive data on endpoint devices ensures
that even if data is compromised, it remains unreadable without the
correct decryption key.
➢Multi-factor Authentication (MFA): Requiring more than one form of
authentication to access the device or system, making it harder for
attackers to gain unauthorized access.
➢Regular Updates and Patches: Keeping operating systems and
software up-to-date helps to close security vulnerabilities.
Mobile Phone Security (Specific to Mobile
Devices)
• Mobile Devices as Endpoint Devices
• Mobile phones are a type of endpoint device, with unique security
challenges due to their portability, personal use, and constant
connectivity to both trusted and untrusted networks.
Common Mobile Security Threats:
➢Malware and Trojans: Mobile-specific malware like ransomware or apps with
malicious code that can steal data, track user activity, or hijack the device.
➢Phishing: Attackers may target mobile phone users through phishing emails, SMS
(smishing), or social media, aiming to steal credentials or spread malicious links.
➢Data Loss or Theft: Since mobile phones are portable, they can be easily lost or
stolen, potentially exposing sensitive personal and organizational data.
➢App-based Attacks: Malicious apps downloaded from unofficial app stores or with
hidden permissions that compromise device security (e.g., accessing contacts,
camera, or location).
➢Man-in-the-middle (MitM) Attacks: Mobile devices on public Wi-Fi networks can be
susceptible to MitM attacks, where attackers intercept and alter communication
between the device and the server.
➢SIM Swapping/Cloning: Attackers can gain control over a phone number by
hijacking the SIM card, potentially compromising two-factor authentication (2FA)
processes.
Mobile Phone Security Measures
➢Strong Passwords and Biometric Authentication: Using complex PINs,
passwords, or biometric data (fingerprint, facial recognition) to secure the
device.
➢App Permissions and Management: Carefully managing app permissions to
ensure apps only have access to the data and features they absolutely need.
➢Mobile Device Encryption: Encrypting the phone's internal storage ensures
that even if the device is lost or stolen, the data remains inaccessible.
➢Remote Wipe: Mobile security solutions, like Find My iPhone or Android
Device Manager, allow users to remotely erase data if the device is lost or
stolen.
➢App Store Caution: Only downloading apps from official stores (Google Play,
Apple App Store) and avoiding third-party, untrusted sources to minimize the
risk of malware.
Password policy
A Password Policy is a set of guidelines or rules created by organizations to ensure that
passwords are used securely and effectively to protect sensitive information. It defines how
passwords should be structured, managed, and protected to prevent unauthorized access to
systems and data.
➢ Minimum Password Length
Set a minimum length (e.g., 8-12 characters) to prevent weak passwords.
➢ Password Complexity
Require a mix of uppercase, lowercase letters, numbers, and special characters.
➢ Password Expiration
Enforce periodic password changes (e.g., every 60-90 days) to limit the risk of old,
compromised passwords.
➢ Password History
Prevent users from reusing their last few passwords (e.g., last 5).
➢ Account Lockout Policy
Lock accounts after a certain number of failed login attempts (e.g., 5) to thwart brute-force
attacks.
Password policy
➢Two-Factor Authentication (2FA)
Require 2FA for sensitive accounts to add an extra layer of security.
➢ Password Recovery
Secure the process for recovering or resetting passwords with multi-step verification.
➢ Password Storage
Store passwords securely using strong hashing algorithms (e.g., bcrypt, PBKDF2).
➢ Password Sharing
Prohibit sharing passwords and recommend using password managers for secure sharing.
➢ User Education
Educate users about strong password practices and phishing attacks.
➢ Expiry Notifications
Notify users before passwords expire to ensure timely updates.
Security patch management
• A patch is a software update designed to fix vulnerabilities,
improve functionality, or enhance the security of a system or
application.
• Patches are typically created by software vendors or developers
to address bugs, security flaws, or other issues that could affect
the performance or safety of software or hardware systems.
Purpose of Patches:

➢Fix Bugs: Patches often fix errors or bugs that affect the software's
operation.
➢Security Vulnerabilities: Patches are frequently released to address
security holes (vulnerabilities) that could be exploited by hackers or
malware.
➢Performance Enhancements: Some patches improve the
performance of a system, such as speeding up processes or optimizing
resource use.
➢Feature Updates: Occasionally, patches may introduce new features
or improvements to existing functionality.
Types of Patches
➢Security Patches: These are focused on fixing known security
vulnerabilities to protect systems from threats, such as hackers
exploiting weaknesses.
➢Bug Fix Patches: These address software bugs or errors that can
cause crashes or unexpected behavior.
➢Feature Patches: These introduce minor updates or new features
that enhance the software's capabilities.
➢Performance Patches: These improve the efficiency, speed, or
overall performance of software or systems.
Security Patch Management

• Security Patch Management refers to the process of identifying,

testing, deploying, and managing patches or updates that fix
security vulnerabilities in software, operating systems, and
applications.
• Effective patch management is essential for maintaining the
security and integrity of systems and preventing exploitation by
attackers.
Security Patch Management process

➢Identification: Detect available patches and security updates.

➢Assessment: Prioritize patches based on risk and system impact.
➢Testing: Test patches in a controlled environment to ensure
compatibility and stability.
➢Deployment: Apply patches to production systems, ensuring minimal
disruption.
➢Verification: Confirm the patches were applied successfully and
ensure systems are functioning properly.
➢Monitoring and Maintenance: Continuously monitor systems for
patch compliance and performance.
➢Documentation: Maintain records of patch activities for auditing,
compliance, and future improvements.
Data backup
• Data Backup is the process of creating a duplicate copy of digital data
and storing it in a secure location, ensuring that it can be restored in
case of data loss, corruption, hardware failure, or other unexpected
events.
• Backups are essential for protecting important information, such as
documents, databases, system configurations, and applications, from
being permanently lost.
Types of Data backup
➢Full Backup: A complete copy of all selected data is made. It takes
longer but provides a comprehensive backup that can be easily
restored.
➢Incremental Backup: Only the data that has changed since the last
backup (full or incremental) is backed up. It's quicker but requires a
combination of previous backups to restore.
➢Differential Backup: Backs up all the data that has changed since the
last full backup. It's faster than a full backup but requires more storage
than incremental backups.
➢Cloud Backup: Data is backed up to remote servers over the internet,
providing off-site protection and easy access from anywhere.
➢Local Backup: Data is backed up on physical storage devices, such as
external hard drives, USB drives, or network-attached storage (NAS).
Some tips for effective data backup
• Automate Backups: Schedule regular automatic backups to ensure consistency.
• Test Backups: Regularly test your backups to ensure they can be restored.
• Prioritize Critical Data: Focus on backing up important files and data.
• Use Versioning: Keep multiple versions of backups to restore specific points in
time.
• Encrypt Backups: Encrypt sensitive data for security, especially for cloud or off-
site backups.
• Organize Backup Files: Use clear naming conventions to keep backups organized.
• Monitor Backup Health: Check for backup errors and set notifications for failures.
• Balance Cloud and Physical Storage: Combine cloud and local backups for
redundancy.
• Regular Backup Audits: Periodically review and audit your backup process.
Downloading and management of third
party software
➢Source:
Always download software from reputable and trusted sources to avoid
malware. Official app stores (Google Play, Apple App Store) or developer
websites are usually safer.
➢Review and Ratings:
Check user reviews and ratings for feedback on the software’s quality,
security, and functionality. Be cautious of software with many negative
reviews or complaints.
➢Official Website:
Prefer the software’s official website to ensure you get the latest version
and avoid bundled bloatware or potential scams.
Downloading and management of third
party software
➢Backup Data:
Back up important data before installing new software, particularly
if it makes significant changes to system settings or files (like
drivers or system utilities).
Device Security policy
• A Device Security Policy outlines the rules and practices that
organizations follow to ensure the security of devices (such as
smartphones, laptops, desktops, tablets, etc.) used for work or
accessing sensitive data.
• The policy helps protect the devices from cyber threats and
ensures that the organization’s data remains secure.
Key Components of Device Security policy
➢Device Encryption
All devices must be encrypted to protect data in case the device is lost or
stolen. This ensures that unauthorized people cannot access sensitive
information.
➢Password/Authentication Requirements
Devices must have strong passwords, PINs, or biometric authentication
(like fingerprints or face recognition) to prevent unauthorized access.
Passwords should be updated regularly and follow certain complexity
rules (e.g., at least 8 characters, a mix of letters, numbers, and symbols).
Key Components of Device Security policy
➢Remote Lock Capabilities
The organization should have the ability to remotely wipe or lock a
device if it is lost, stolen, or when the employee leaves the
company. This helps protect data from unauthorized access.
➢ Device Updates and Patches
Devices should always have the latest software updates, including
security patches, to protect against known vulnerabilities.
Automatic updates may be required for critical software.
Key Components of Device Security policy
➢Anti-malware and Antivirus Software
All devices must have up-to-date antivirus or anti-malware software
installed to detect and block malicious threats.
➢ Device Usage Guidelines
Users should be informed about acceptable and unacceptable use
of devices (e.g., no unauthorized apps, no connecting to insecure
Wi-Fi networks).
Personal use of devices may be restricted in certain cases.
Key Components of Device Security policy
➢App Installation and Management
Only approved or trusted apps should be installed on the devices.

➢ Network Security
Devices should connect only to secure, trusted networks (e.g.,
encrypted Wi-Fi or VPN connections) to prevent data interception.
Public or unsecured networks should be avoided when accessing
sensitive company data.
Key Components of Device Security policy
➢Backup and Data Recovery
Devices must be regularly backed up to protect data in case of loss,
failure, or corruption.
A data recovery plan should be in place for quick restoration in case
of device issues.
➢ Physical Security
Employees should be trained to keep devices secure physically
Devices should be locked when not in use.
Key Components of Device Security policy
➢ Monitoring and Reporting
Devices may be monitored for security purposes to detect unauthorized
activity or security breaches.
Employees should report any suspicious activity or loss of devices
immediately.
➢ Use of External Storage
Use of external storage devices (like USB drives) should be controlled, and
such devices should be encrypted and scanned for malware before use.
➢ Remote Work and BYOD (Bring Your Own Device) Policy
For remote workers or those using personal devices (BYOD), additional security
measures, such as a VPN , may be required to access corporate data securely.
Key Components of Device Security policy
➢ User Training and Awareness
Employees should receive regular training on security best
practices, including recognizing phishing attempts, using strong
passwords, and safeguarding devices.
➢ Incident Response
The policy should specify actions to take if a security incident
occurs, such as a device breach, theft, or loss, and how it will be
handled and investigated.
Key Components of Device Security policy
➢Device Retirement and Disposal
When a device is no longer in use, it should be properly wiped of all
company data before being retired, sold, or recycled. This prevents
sensitive data from being accessed by unauthorized individuals.
➢ Access Control
Only authorized personnel should have access to sensitive data on
the devices. Role-based access controls (RBAC) may be
implemented to restrict access to certain apps or files.
Key Components of Device Security policy
➢Use of Cloud Services
Any cloud services used to store or back up data should be secure
and meet the organization's standards for security, including
encryption and multi-factor authentication (MFA).
Cyber security best practices
❖Use Strong, Unique Passwords
Create complex passwords with a mix of letters, numbers, and symbols.
Avoid reusing passwords across different sites to minimize risk.
❖Regularly Update Software
Install software and system updates promptly to patch security
vulnerabilities. These updates often contain important fixes for known
threats.
❖Enable Multi-Factor Authentication (MFA)
Add an extra layer of security by requiring a second form of verification,
such as a code from your phone. This makes unauthorized access more
difficult.
Cyber security best practices
❖Be Cautious with Phishing Emails
Do not click on links or open attachments in unsolicited emails. Verify
any suspicious requests by contacting the sender directly.
❖Use a VPN (Virtual Private Network)
A VPN encrypts your internet connection, protecting your data from
interception, especially on public Wi-Fi networks. It ensures your online
activity remains private.
❖Backup Your Data Regularly
Regularly back up important files to secure storage, either cloud-based
or physical drives. This helps prevent data loss in case of hardware
failure or cyberattacks.
Cyber security best practices
❖Use Antivirus and Anti-Malware Software
Install reliable antivirus and anti-malware software to detect and block
malicious threats. Ensure these tools are updated frequently to catch the
latest threats.
❖Limit Data Sharing
Be mindful of the personal information you share online, especially on
social media or websites. Only provide necessary details and check
privacy settings regularly.
❖Encrypt Sensitive Data
Use encryption to protect data both in transit and at rest, making it
unreadable to unauthorized users. This is especially important for
financial or personal information.
Cyber security best practices
❖Control Access Privileges
Grant access to sensitive systems and data only to those who need it.
Regularly review access permissions and remove unnecessary
privileges.
❖Secure Your Wi-Fi Network
Use strong encryption like WPA3 for your Wi-Fi network and change the
default router password. This prevents unauthorized users from gaining
access to your network.
❖Monitor Accounts and Devices
Regularly check for suspicious activity on your accounts and devices.
Set up alerts to notify you of unusual login attempts or financial
transactions.
Cyber security best practices
❖Be Wary of Public Wi-Fi
Avoid accessing sensitive accounts or making financial transactions on
public Wi-Fi. Use a VPN to encrypt your connection when on unsecured
networks.
❖Educate and Train Employees (For Businesses)
Conduct regular cybersecurity training for employees to raise awareness
of common threats. Empower them to recognize phishing, social
engineering, and other risks.
❖Implement and Test Incident Response Plans
Develop an incident response plan to guide your team through a
cyberattack. Regularly test and update the plan to ensure quick and
effective action during a breach.
Cyber security best practices
❖Secure Cloud Services
Use strong authentication and ensure data stored in the cloud is
encrypted. Review the security settings of any cloud services to control
access and data protection.
❖Use Two-Factor Authentication (2FA) on Mobile Devices
Enable 2FA for apps and services involving sensitive data. This adds an
extra verification step, such as a code sent to your phone, preventing
unauthorized access.
❖Regularly Review Permissions and Software
Periodically review app and software permissions to ensure they align
with your needs. Remove unnecessary apps and revoke permissions to
reduce exposure to threats.
Cyber security best practices
❖Use Strong Physical Security
Ensure physical access to your devices and servers is restricted.
Use locks, secure storage, and surveillance to prevent unauthorized
physical access to critical assets.
❖Stay Informed About Emerging Threats
Keep up with the latest cybersecurity news to stay aware of new
vulnerabilities and attack methods. Follow reputable sources for
security alerts and updates.
Significance of host firewall
A host firewall is a software-based security system that monitors
and controls incoming and outgoing network traffic on a specific
device (host), based on security rules.
It operates on individual computers, servers, or networked devices,
acting as a barrier to unauthorized access and protecting the device
from potential threats coming from the network.
Example:
Windows Firewall (built into Microsoft Windows)
Significance of host firewall
➢Traffic Filtering: A host firewall examines and filters network
traffic based on predefined security rules.
It allows only legitimate traffic and blocks potentially malicious or
unauthorized access.
➢Protection Against Unauthorized Access: It helps protect the
host (e.g., a computer or server) from unauthorized access or
attacks from external sources, like hackers or malware.
➢Prevents Spread of Malware: By controlling outbound traffic, a
host firewall can help prevent malware or ransomware from
communicating with external servers, thus limiting its ability to
spread or exfiltrate data.
Significance of host firewall
➢Control over Applications: Firewalls can enforce rules that allow
or block specific applications from communicating over the
network.
This is useful for blocking unwanted software or controlling the
behavior of allowed applications.
➢Prevents Network-Based Attacks: Host firewalls protect against
various types of network-based attacks, including DoS (Denial of
Service) attacks, brute-force attacks etc.
Significance of Anti-virus
➢Antivirus software is a program designed to detect, prevent, and
remove malicious software (malware) from computers, servers,
and other devices.
➢It scans files, programs, and system activities for signs of harmful
code, such as viruses, worms, trojans, ransomware, spyware, and
other forms of malware.
Significance of Anti-virus
➢Protection Against Malware:
Antivirus software is the first line of defense against various types of malware,
including viruses, trojans, worms, ransomware, adware, and spyware.
It helps detect, block, and remove these threats before they can harm the
system.
➢Prevents Data Loss:
Malware, especially ransomware, can encrypt or destroy valuable data.
Antivirus software helps prevent these attacks, safeguarding important files
and reducing the risk of data loss.
➢Protection from Online Threats:
Antivirus programs can protect users from malicious websites, phishing
attempts, and drive-by downloads that can occur while browsing the internet,
preventing the infection of the device.
Significance of Anti-virus
➢Improves System Performance:
Antivirus programs not only protect the system but can also help optimize
performance by identifying and removing unnecessary files, like temporary
files or unwanted applications that may slow down the computer.
➢Reduces Financial Risk:
Many forms of malware can lead to financial loss, whether it's through theft of
banking credentials, loss of business data, or damage to critical infrastructure.
Antivirus software helps prevent these kinds of threats, reducing financial risks.
➢Peace of Mind:
Knowing that antivirus software is running on a device provides peace of mind
to users, knowing their system is being continuously monitored for potential
threats and that action will be taken if malware is detected.
Management of host firewall
❑Initial Firewall Configuration
Set up clear rules for which traffic should be allowed and which should
be blocked.
Use a "default deny" rule to block all traffic by default and only allow
what's needed.
Be specific when creating rules, allowing only necessary traffic to pass
through.
❑Regular Updates and Rule Maintenance
Regularly update firewall software to stay protected from new threats.
Review and adjust firewall rules to make sure they’re still relevant and
effective.
Remove old or unnecessary rules to avoid security gaps.
Management of host firewall
❑Monitoring and Logging
Enable logging to track all incoming and outgoing traffic, and look for
unusual activity.
Regularly check logs to spot potential security issues or threats early.
Set up alerts to notify you if something suspicious happens.
❑Firewall Rule Testing and Validation
Test new rules in a safe environment before applying them to your live
network.
Use tools like nmap to check that your firewall is blocking unwanted
traffic.
Keep a documented process for changing rules, so all changes are
tracked.
Management of host firewall
❑Incident Response and Recovery
Have a plan ready for responding to firewall breaches or incidents.
Regularly back up firewall settings so you can restore them quickly if something goes
wrong.
If an incident happens, quickly isolate affected systems and start recovery.
❑VPN and Remote Access Security
Only allow secure VPN connections for remote workers.
Limit remote access to essential services and always use strong authentication.
Regularly review who has access to remote systems to keep them secure.
❑Advanced Firewall Features
Enable Intrusion Detection and Prevention (IDS/IPS) to spot and block attacks.
Management of Anti-virus
❑Installation and Configuration
Install antivirus software on all devices in your organization to ensure
comprehensive protection.
Configure the software to automatically scan files, emails, and websites for
threats.
Set up the software to run real-time protection to catch malware as it tries to
infect the system.
❑Regular Updates
Make sure the antivirus software automatically updates its virus definitions to
catch the latest threats.
Regularly update the software itself to ensure it's working with the most current
features and security patches.
Set updates to occur during off-hours to avoid disrupting work.
Management of Anti-virus
❑Scheduled and Manual Scans
Set the antivirus to run automatic full-system scans at regular intervals (e.g.,
weekly or monthly).
Encourage users to manually scan suspicious files or areas of their system
when they notice something unusual.
Make sure scans cover all drives and files, not just system-critical ones.
❑Monitoring and Alerts
Monitor antivirus alerts to quickly respond to detected malware or security
breaches.
Set up automatic notifications when malware is found or when an action is
required, such as quarantining a file.
Review the antivirus logs regularly to track threats and actions taken.
Management of Anti-virus
❑Incident Response
Have a plan for handling antivirus alerts, including steps for isolating affected devices
and containing malware.
If malware is detected, disconnect infected devices from the network to prevent the
spread.
Perform a deeper scan and review backups to recover any lost or damaged data.
❑User Education and Awareness
Educate users about safe computing habits, like avoiding suspicious emails,
downloads, and websites that might introduce malware.
Remind employees to report any unusual behavior on their devices, such as system
slowdowns or unexpected pop-ups.
Offer training on identifying phishing emails and other social engineering attacks that
antivirus software might miss.
Wi-fi Security
• Wi-Fi security refers to the measures and protocols put in place to
protect a wireless network from unauthorized access and cyber
threats.
• It includes encryption methods, password protection, and
network configurations that prevent attackers from intercepting
data, accessing private networks, or causing disruptions.
Some tips to enhance wi-fi security
➢Use Strong Encryption (WPA3 or WPA2)
Always use the strongest encryption available, such as WPA3 or WPA2,
to protect your network.
These protocols secure your data from being intercepted by hackers.
Avoid outdated encryption like WEP, which is easily cracked.
➢Change Default Router Credentials
Default usernames and passwords are widely known and can be
exploited by attackers.
Set a strong, unique password for your router’s admin panel. This
prevents unauthorized access to your router’s settings.
Some tips to enhance wi-fi security
➢Use a Strong Wi-Fi Password
Set a unique and complex password for your Wi-Fi network, ideally 12-16
characters long.
A strong password should mix uppercase, lowercase, numbers, and
special characters.
This makes it harder for attackers to guess or crack your password.
➢Enable a Guest Network
Set up a separate guest network for visitors or devices that don’t need
access to your main network.
This isolates their traffic and protects your sensitive data. Use a different
password for the guest network to add another layer of security.
Some tips to enhance wi-fi security
➢Enable a Firewall
Ensure your router's firewall is turned on to monitor and block
suspicious traffic.
A firewall helps protect your network from malicious intrusions. It’s
an essential tool for filtering out harmful data from the internet.
➢Limit the Range of Your Wi-Fi Signal
➢Turn Off Wi-Fi When Not in Use
➢Enable Two-Factor Authentication (2FA)
Configuration of basic security policy and
permissions
Creating a basic security policy and configuring permissions is
crucial for ensuring that only authorized users and devices have
access to sensitive data and resources.
Approaches for setting up security policy and permissions:-
Define Security Objectives
• Identify what you want to protect, such as customer data or
company systems. Set clear goals to guide your security efforts.
This helps you prioritize security measures that are most
important.
Configuration of basic security policy and
permissions
Identify User Roles and Responsibilities
• Create roles for different users, like admins, managers, or regular
employees. Assign permissions based on what they need to do
their job. This ensures everyone has access to the right resources
without excess privileges.
Set Permissions Based on Roles
• Give each user only the access they need for their job (read, write,
delete). Limit sensitive data access to those who need it. This
helps prevent unauthorized actions on important files or systems.
Configuration of basic security policy and
permissions
Implement Strong Password Policies
• Require users to create complex passwords with a mix of letters,
numbers, and symbols. Enforce password changes every 60-90
days. Strong passwords make it harder for attackers to guess or
crack.
Enable Multi-Factor Authentication (MFA)
• Require users to confirm their identity with something extra, like a
code sent to their phone. MFA adds an additional layer of
protection. Even if a password is stolen, the attacker still needs
the second factor to log in.
Configuration of basic security policy and
permissions
• Establish Regular User Audits and Reviews
Review user accounts and their permissions regularly to make sure
they still match their roles. Remove unnecessary access rights
when employees change positions or leave. Regular audits prevent
unused or outdated permissions from becoming a security risk.
• Configure Firewall and Network Policies
Set up rules to allow or block certain types of network traffic. Use
firewalls to protect systems from unauthorized access. Proper
configuration helps keep malicious traffic from entering your
network.
Configuration of basic security policy and
permissions
• Apply Security Software (Antivirus/Antimalware) Policies
Make sure all devices have up-to-date antivirus software installed
and running. Schedule regular scans to catch potential threats
early. Security software helps prevent malware and viruses from
compromising your systems.
• Set Backup and Recovery Permissions
Control who can create, access, and restore backups of critical
data. Only trusted users should have backup and recovery
permissions. This ensures your important data can be recovered in
case of an incident without unauthorized access.
Configuration of basic security policy and
permissions
Monitor and Log Activity
• Track actions taken on your network, like logins or file access, and
store this data securely. Regularly review activity logs for
suspicious actions. Monitoring helps detect and respond to
security incidents quickly.
Encrypt Sensitive Data
• Protect sensitive information by converting it into unreadable text,
both when stored and when sent over the network. Use strong
encryption methods like AES-256. This ensures that even if data is
intercepted, it remains secure.
THANK YOU