Following up on my previous post about destructive behaviour in networking, I’m writing this one to share some steps and advice you can follow to secure your network as much as possible.
From looking at the sorts of attacks that are common, we can define a short list of practices that help prevent security disasters and help control the damage taken.
Hope you have backups
This isn’t just a good idea from a security point of view. Operational requirements should dictate the backup policy, and this should be closely coordinated with a disaster recovery plan, such that if an airplane crashes into your building one night, you’ll be able to carry on your business from another location. Similarly, backups can be useful in recovering your data in the event of an electronic disaster: a hardware failure, or a break-in that changes or otherwise damages your data.
Don’t put data where it doesn’t need to be
Although this should go without saying, this doesn’t occur to lots of folks. As a result, information that doesn’t need to be accessible from the outside world sometimes is, and this can dramatically increase the number of break-ins.
Avoid systems with single points of failure
Any security system that can be broken by breaking through any one component isn’t really very strong.
Stay current with relevant operating system patches
Update and patch everything.
Watch for relevant security advisories
In addition to watching what the vendors are saying, keep a close watch on groups like CERT and CIAC. Make sure that at least one person (preferably more) is subscribed to these mailing lists.
Have someone on staff be familiar with security practices
Having at least one person who is charged with keeping in touch with security developments is a good idea. Such a person would then be a wise one to consult on security-related issues, as he’ll be the one who knows if web server software version bla-bla has any known problems, etc.