The Brazilian Government Cyber Incident Prevention, Treatment and Response Center (CTIR Gov) have released guidance on information security strategies and procedures. They recommend that organizations and related entities review their procedures and effective actions. This is following recent threats related to malicious actions, particularly involving the cloud environment, management of people and leaked credentials.
Credentials
Leaked or hacked credentials are a common way for a cybersecurity incident to start so recommendations have been made on how to avoid this.
Passwords
There are a number of things that should be done specifically in relation to passwords:
- Implement strong passwords and highlight what that means to employees
- Definite deadlines to change passwords so that theses are changed regularly
- Advise employees on the risks of using the same password for multiple systems
- Change passwords if there is any suspicion of it being leaked
- Do not reuse old passwords in case it has already been leaked
User accounts
When every employee has their own user account it opens up many avenues to potentially gain unauthorized access. There are plenty of steps that can be taken to minimize these risks:
- Limit permission levels for each user so they can only access what they need
- Cancel any accounts no longer needed or used
- Block users with inactivity
- Enable two-factor authentication systems where possible
- Undertake periodic audits in administrative access logs looking for indications of:
- Malicious actions
- Improper use of credentials
- Block accounts of users that are away, such as:
- Vacation
- Leave
- Dismissal
Cloud Systems
Cloud systems are really useful and remove the need to have the space within your own building to store all your electronic files and help to improve communication between teams. However, they do provide their own risks that are much more difficult to control. Some of the recommendations from CTIR Gov include:
- Ensure network security managers carry out an inventory update, particularly for cloud assets
- Require Multi-Factor Authentication for service providers, including for cloud systems
- Control metadata access settings in cloud environment
- Issue a formal document to IT service providers, in particular cloud providers, requesting the:
- Change of their master password
- Implementation of additional layers of security that mitigate the risk of malicious actions
The full document with advice can be seen here but it can be overwhelming and difficult to know where to start. Value Privacy are a company that can assess all your systems for you and find the weaknesses. We will then work with you to create, implement and maintain a system that works for you to prevent security incidents. Contact us today to find out how we can help you.
