Security Best Practices
by CIRT Team
Password Policy best practices
- Create a strong, complex and long password.
- Use multi-factor authentication for login where possible.
- Avoid save password in browser.
Generic best practices
- Do not install additional software or server roles on DCs
- Implement patch management.
- Use secure DNS services to block malicious domains
- Ensure business continuity plan (BCP).
- Use security baselines and benchmarks.
- Inform and educate users about cyber threats and attacks.
- Avoid illegal/crack software and use genuine/free/open-source software.
- Perform vulnerability assessment and penetration testing regularly.
- Perform IT audit and risk assessment regularly.
- Ensure physical security in IT infrastructure.
- Deploy web application firewalls to protect web applications from a variety of application layer attacks.
- Use Anti-virus and anti-malware software.
- Actively monitor IT infrastructure for any kind of malicious activities.
Backup best practices
- Keep regular verified and labeled backup following 3-2-1 backup rule.
- Encrypt Backup Data.
- Perform regular tests by restoring backup periodically.
Active Directory best practices
- Limit the use of Domain Admins and other Privileged Groups.
- Secure the domain administrator account.
- Disable the local administrator account (on all computers)
- Limit local administrative access for all domain users in end devices.
- Enable audit policy settings with group policy to monitor malicious activities.
- Monitor Active Directory events to detect compromise and abnormal behavior.
- Find and remove unused user and computer accounts.
Email Server best practices
- Keep email servers up to date.
- Limit administrative access to internal users.
- Deploy multi-factor authentication for users.
- Harden the OS hosting email server.
- Harden the email application.
- Monitor email servers to detect abnormal activities.
- Deploy host-based firewalls.
- Use SSL certificates when dealing with external services.
- Configure email server to protect your domain against spoofing, spam, email forgery and other attacks.
Network & Security Devices Best Practices
- Place your network and security devices in proper order based on your environment.
- Keep network and security devices OS and relevant security patch up to date.
- Use certificate based SSH authentication.
- Restrict administrative port from untrusted network.
- Ensure Network and security devices hardening for secure access control complying AAA.
- Make sure security devices policy is complying with organization strategy.
- Network and security devices session and system log need to be preserved in separate repository.
- Ensure Periodic backup of configuration and security policy.
Recommended Posts
Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh
06 Nov 2024 - Security Advisories & Alerts