8/3/2019 Security Tips for the Small Business From 70000 Feet
Irongeek.com
Adrian Crenshaw
Joseph Hollingsworth
Joe
Professor at Indiana University Southeast, Computer Science & Informatics departments
Director of professional development for faculty
Adrian
Runs Irongeek.com
Has an interest in InfoSec education
(ir)Regular on the ISDPodcast http://www.isdpodcast.com
Given only 25 minutes, tell us what a small business could do to help their security posture?
You can expect a lot of "buts" and "except fors", because that's the nature of the business.
The CIA Triad
Confidentiality
Who needs to know it?
Integrity
Has anyone changed it?
Availability
Can the people that need to access it, get to it?
Stuff that will ring your bell security-wise
Not cool or sexy, but important
How often? Daily, weekly, monthly?
Offsite storage! Why?
Check to make sure you can actually restore from the backup
What to use? Tape, another box, cloud?
Not sure of a cloud provider to recommend, but check the provider's:
Privacy policy
Liability for lost data
Don't run as admin on your own machine
This somewhat mitigates what malware can do on a system
File shares with too open a permission set?
Lots of Windows software is badly designed to require more rights than it needs
Tools to help find out what rights an application really needs include:
ProcMon
http://technet.microsoft.com/en-us/sysinternals/bb896645
RegFromApp
http://www.nirsoft.net/utils/reg_file_from_application.html
ProcessActivityView
http://www.nirsoft.net/utils/process_activity_view.html
Always unique is best, but...
Levels and domains
Different passwords for different purposes (financial, social network, etc.)
Users sharing a password?
Pass phrases
More secure and easier to remember
Do you store passwords in apps where others can access them?
Password vaults
KeePass - http://keepass.info/
Microsoft
Remember Patch Tuesday and keep it holy
Somewhat automated
May want to do testing first
Windows Server Update Services
http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx
Linux
apt-get is lovely for package management, but hand-installed web apps are a pain
3rd party
Adobe auto-updating?
Shavlik NetChk
http://www.shavlik.com/sol-patch-management.aspx
GFI LANguard
http://www.gfi.com/network-security-vulnerability-scanner/
Secunia PSI/CSI
http://secunia.com
Not a magic bullet
If the malware is custom, you are out of luck
Should help against widespread common malware
Concentrate on user awareness, patches, and least privilege
Some suggestions:
Microsoft Security Essentials
http://www.microsoft.com/en-us/security_essentials/default.aspx
AVG
http://free.avg.com
Malwarebytes
http://www.malwarebytes.org/
Do you have a perimeter? (hint: not totally)
Sites and browser issues
WiFi (decreasing levels of protection):
WPA Enterprise > WPA > WEP > Open
Forget about MAC filtering and SSID cloaking
VPN
Built into Windows
DD-WRT
http://www.dd-wrt.com
OpenVPN
http://openvpn.net
What if someone gets access to the physical storage of your data?
For email
Public and private keys
GPG
http://www.gnupg.org/
For hard drives/data
TrueCrypt
http://www.truecrypt.org
Old hardware that goes public:
Donations
Trashed
Stolen
A format may not remove as much as you think
Data carving
File and drive wiping
Secure Erase
http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
DBAN
http://www.dban.org/
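As an added illustration of why a format does not remove as much as you think (this is example code, not from the original slides): a constructed toy disk image in which a quick format clears only the directory sector, header/footer carving for the PNG signature still recovers the file, and a full overwrite followed by a verification pass is what actually makes it gone. The sector layout, the photo.png entry and the fake PNG body are all constructed for the example.

```python
import os

# Constructed toy "disk": sector 0 is the directory, file data lives in later
# sectors. Real filesystems differ in detail but share the property shown.
SECTOR = 512
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"   # PNG file header
PNG_END = b"IEND\xaeB`\x82"        # PNG trailer (chunk type + CRC)

def make_disk_image() -> bytearray:
    """Directory entry for photo.png in sector 0; constructed PNG body at sector 2."""
    body = PNG_MAGIC + b"constructed-image-bytes" * 30 + PNG_END
    img = bytearray(8 * SECTOR)
    entry = (b"photo.png\x00" + (2 * SECTOR).to_bytes(4, "little")
             + len(body).to_bytes(4, "little"))
    img[0:len(entry)] = entry
    img[2 * SECTOR:2 * SECTOR + len(body)] = body
    return img

def quick_format(img: bytearray) -> None:
    """Mimic a quick format: clear only the metadata sector; data sectors stay."""
    img[0:SECTOR] = bytes(SECTOR)

def carve_png(img: bytes) -> list:
    """Header/footer carving: find every PNG by magic and IEND trailer
    without consulting a directory, which is what recovery tools do."""
    found, pos = [], 0
    while True:
        start = img.find(PNG_MAGIC, pos)
        end = img.find(PNG_END, start) if start != -1 else -1
        if end == -1:
            return found
        pos = end + len(PNG_END)
        found.append(bytes(img[start:pos]))

def wipe(img: bytearray) -> bool:
    """Overwrite every byte (random pass, then zeros) and verify the result;
    verification is the step a disposal process must include."""
    img[:] = os.urandom(len(img))
    img[:] = bytes(len(img))
    return not any(img)

def disposal_demo() -> dict:
    """How many PNGs carving finds at each stage: 1, 1, then 0."""
    img = make_disk_image()
    stages = {"fresh": len(carve_png(img))}
    quick_format(img)
    stages["after_quick_format"] = len(carve_png(img))
    wipe(img)
    stages["after_wipe"] = len(carve_png(img))
    return stages
```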
Louisville Infosec, Sept 29th
http://www.louisvilleinfosec.com
DerbyCon 2011, Louisville KY, Sept 30 - Oct 2
http://derbycon.com
42