Security Tips for the Small Business From 70000 Feet


  • 8/3/2019 Security Tips for the Small Business From 70000 Feet

    1/14

    Irongeek.com

    Adrian Crenshaw

    Joseph Hollingsworth

    Joe

    Professor at Indiana University Southeast

    Computer Science & Informatics departments

    Director of professional development for faculty

    Adrian

    Runs Irongeek.com

    Has an interest in InfoSec education

    (ir)Regular on the ISDPodcast

    http://www.isdpodcast.com

    Given only 25 minutes, tell us what a small business could do to help their security posture?

    You can expect a lot of "buts" and "except fors" because that's the nature of the business.

    The CIA Triad

    Confidentiality

    Who needs to know it?

    Integrity

    Has anyone changed it?

    Availability

    Can the people that need to access it, get to it?

    Availability

    Stuff that will ring your bell security-wise

    Not cool or sexy, but important

    How often? Daily, Weekly, Monthly?

    Offsite storage! Why?

    Check to make sure you can restore from the backup

    What to use? Tape, another box, cloud?

    Not sure of a cloud provider to recommend, but check the provider's:

    Privacy Policy

    Liability for lost data

    Don't run as admin on your own machine

    This somewhat mitigates what malware can do on a system

    File shares with too open a permissions set?

    Lots of Windows software is badly designed to require more rights than it needs

    Tools to help with this include

    ProcMon

    http://technet.microsoft.com/en-us/sysinternals/bb896645

    RegFromApp

    http://www.nirsoft.net/utils/reg_file_from_application.html

    ProcessActivityView

    http://www.nirsoft.net/utils/process_activity_view.html

    Always unique is best, but

    Levels and domains

    Different passwords for different purposes (financial, social network, etc.)

    Users sharing a password?

    Pass phrases

    More secure and easier to remember

    Do you store passwords in apps where others can access them?

    Password Vaults

    KeePass - http://keepass.info/

    Microsoft

    Remember Patch Tuesday and keep it holy

    Somewhat automated

    May want to do testing first

    Windows Server Update Services

    http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx

    Linux

    apt-get is lovely for package management, but hand-installed web apps are a pain

    3rd Party

    Adobe auto updating?

    Shavlik NetChk

    http://www.shavlik.com/sol-patch-management.aspx

    GFI LANguard

    http://www.gfi.com/network-security-vulnerability-scanner/

    Secunia PSI/CSI

    http://secunia.com

    Not a magic bullet

    If the malware is custom, you are out of luck

    Should help against widespread common malware

    Concentrate on user awareness, patches, and least privilege

    Some suggestions:

    Microsoft Security Essentials

    http://www.microsoft.com/en-us/security_essentials/default.aspx

    AVG

    http://free.avg.com

    Malwarebytes

    http://www.malwarebytes.org/

    Do you have a perimeter? (Hint: not totally)

    Sites and browser issues

    WiFi (decreasing levels of protection)

    WPA Enterprise > WPA > WEP > Open

    Forget about MAC filtering and SSID cloaking

    VPN

    Built into Windows

    DD-WRT

    http://www.dd-wrt.com

    OpenVPN

    http://openvpn.net

    What if someone gets access to the physical storage of your data?

    For Email

    Public and private keys

    GPG

    http://www.gnupg.org/

    For hard drives/data

    TrueCrypt

    http://www.truecrypt.org

    Only hardware that goes public:

    Donations

    Trashed

    Stolen

    Format may not remove as much as you think

    Data carving

    File and Drive wiping

    Secure Erase

    http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

    DBAN

    http://www.dban.org/

    Louisville Infosec, Sept 29th

    http://www.louisvilleinfosec.com

    DerbyCon 2011, Louisville Ky, Sept 30 - Oct 2

    http://derbycon.com

    42