OK, we have all read about the well-publicised hacking of a medical centre in Queensland. Most businesses are now asking how they can take better precautions to avoid becoming victims themselves. Having a reasonably secure network is not difficult, but don’t expect a magic bullet, because there isn’t one. Read on and see if you are at risk.
http://www.abc.net.au/news/2012-12-10/hackers-target-gold-coast-medical-centre/4418676
2) Consider installing a Unified Threat Management (UTM) device. These do many things to greatly improve security. They scan web traffic in and out, and provide an additional layer of email inspection. They inspect the contents of the data packets, whereas most firewalls simply look at the packets without opening them.
3) Have your email washed offsite before it is delivered to your email server.
4) Make sure your servers and PCs are fully patched and run fairly recent versions. It is almost impossible to secure Windows Server 2000 and 2003. Most hackers exploit bugs in server operating systems to take control of them.
5) Ensure that you have password complexity across your organisation. Having “password” as a password is not a password 🙂
6) Have a password changing regime. Yes, it can be a pain to be prompted every ninety days to change your password, but it is a key ingredient in having a secure network.
7) Have at least 3 layers of backup. First is at the file system level, so that corrupted files can be recovered without relying on your main backup systems. Second is local imaging of all of your servers to a secured NAS device. Don’t stick a HDD into the USB port and leave it there for weeks. Third is to replicate your backups to an offsite data store, preferably one that has the capacity to run your entire network as virtual servers in the cloud should the need arise.
8) Consider hosting your email off-premise. This means that you will not have ports 25, 80 and 443 exposed on a server that can be used as a stepping stone to others.
9) Don’t allow your support company to expose server port 3389 to the outside world. This is what some companies do to remotely support servers. If they have advanced management tools then there is no need to do this.
10) Make sure all of your staff are educated about email scams. Don’t click on the email attachment that says “here are your tickets”.
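A quick way to check points 8 and 9 against your own network, as an added example that is not part of the original article: the script below tries a TCP connection to each port named above and lists the ones that answer. Run it from outside the office against a public address you own; the function names and the service labels are assumptions made for this example.

```python
"""Added example: which of the ports named in points 8 and 9 accept TCP
connections on an address you own? Run it from outside your network."""
import socket
import sys

# Port numbers come from the list above; the labels are the usual services
# found on those ports and are an assumption of this example.
RISKY_PORTS = {
    25: "SMTP (on-premise email)",
    80: "HTTP (webmail)",
    443: "HTTPS (webmail)",
    3389: "Remote Desktop (remote support)",
}


def port_is_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable or name lookup failed
        return False


def audit(host, ports=RISKY_PORTS, timeout=2.0):
    """Return {port: label} for every listed port that accepts a connection."""
    return {
        port: label
        for port, label in sorted(ports.items())
        if port_is_open(host, port, timeout)
    }


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: python port_check.py <your-public-address>")
    exposed = audit(sys.argv[1])
    if not exposed:
        print("None of the listed ports answered.")
    for port, label in exposed.items():
        print(f"Port {port} is reachable from here: {label}")
```

Any port it reports is one that a stranger on the internet can reach as well, so it should either be closed or have a clear reason to be open.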
These are just a few practical “Best Practices” which are listed in our Proactive Maintenance Schedule. There are about 150 items in our schedule, simply because nothing can be taken for granted when it comes to security. We know this from experience. However, it never ceases to amaze me how some people simply rely on their anti-virus software and a cheap HDD for their backups.
Reading between the lines, the medical centre was hacked because it had a poor understanding of its IT and didn’t place enough value in maintaining and protecting it properly.
A secure network starts with the right attitude.