Monday, December 23 2024

Security Best Practices by BGD e-GOV CIRT

Password Policy best practices

  • Create a strong, complex and long password.
  • Use multi-factor authentication for login where possible.
  • Avoid saving passwords in the browser.

Generic best practices

  • Do not install additional software or server roles on domain controllers (DCs).
  • Implement patch management.
  • Use secure DNS services to block malicious domains.
  • Ensure a business continuity plan (BCP) is in place.
  • Use security baselines and benchmarks.
  • Inform and educate users about cyber threats and attacks.
  • Avoid illegal or cracked software and use genuine, free or open-source software.
  • Perform vulnerability assessment and penetration testing regularly.
  • Perform IT audit and risk assessment regularly.
  • Ensure physical security in IT infrastructure.
  • Deploy web application firewalls to protect web applications from a variety of application layer attacks.
  • Use anti-virus and anti-malware software.
  • Actively monitor IT infrastructure for any kind of malicious activities.

Backup best practices

  • Keep regular, verified and labeled backups following the 3-2-1 backup rule.
  • Encrypt backup data.
  • Test backups regularly by restoring them periodically.

Active Directory best practices

  • Limit the use of Domain Admins and other Privileged Groups.
  • Secure the domain administrator account.
  • Disable the local administrator account (on all computers).
  • Limit local administrative access for all domain users on end devices.
  • Enable audit policy settings with group policy to monitor malicious activities.
  • Monitor Active Directory events to detect compromise and abnormal behavior.
  • Find and remove unused user and computer accounts.

Email Server best practices

  • Keep email servers up to date.
  • Limit administrative access to internal users.
  • Deploy multi-factor authentication for users.
  • Harden the OS hosting the email server.
  • Harden the email application.
  • Monitor email servers to detect abnormal activities.
  • Deploy host-based firewalls.
  • Use SSL certificates when dealing with external services.
  • Configure the email server to protect your domain against spoofing, spam, email forgery and other attacks.

Network & Security Devices Best Practices

  • Place your network and security devices in the proper order for your environment.
  • Keep the OS and relevant security patches of network and security devices up to date.
  • Use certificate-based SSH authentication.
  • Restrict access to administrative ports from untrusted networks.
  • Harden network and security devices for secure access control that complies with AAA.
  • Make sure security device policies comply with the organization's strategy.
  • Preserve session and system logs from network and security devices in a separate repository.
  • Ensure periodic backup of configuration and security policy.
