Duke IS IT - Security Checklist - Routinely Check for Suspicious Activity

	Use Strong Passwords; Write Them Down or Use an Encrypted Password Database. Consider Using Two-Factor Authentication Instead of Passwords.
	Use Anti-Virus and Anti-Spyware Software.
	Protect Against Internet Intrusions.
	Regularly Check For and Apply Security Updates.
	Routinely Back Up Your Data, and Verify You Can Restore From the Backup.
	Apply Common Sense When Dealing with E-mail.
	Be Aware of the Risks of File-Sharing.
	Routinely Check for Suspicious Activity.
	Educate Your Employees About Your Security and Acceptable Use Policies.
	Develop and Continually Refine a Disaster Recovery / Business Continuity Plan.
	Limit Access to Sensitive and Confidential Data.

Home

About Me

Contact

Support

BLive To Me!

Monthly Specials

News and Newsletters
Monthly Specials
Managed Services
HyBlue™ Portal

Security Info & Alerts
Security Checklist
Network Management
Performance Analysis

Security Lessons Learned
Risk Assessment
Disaster Recovery
Weekly Tech Bargains

Routinely check for suspicious activity.

Why bother doing this? You cannot defend against that which you do not know about. If you were to be sued because your network was identified as the source of an intrusion into another company's network, ignorance of what is happening on your own network will not be a viable defense.

Check security log files on computers to look for failed log-in attempts:

Large numbers of logon attempts in a short time interval or at unusual times may indicate external or internal unauthorized access

While virus attacks grab the headlines, numerous studies have shown that the most successful attacks come from within the organization itself, from disgruntled current and former employees.

Your business may be legally obligated to perform regular reviews of security log files and take corrective action for any violations of your security policy.

The security and system event logs on computers and other network devices may provide valuable clues to identify the time and point of entry into your network for some types of security exploits.

Next...

top