Prevention

 
 
By Joshua Weinberger  |  Posted 2004-03-15
 
 
 
 
 
 
 



Step 2

The first major principle of preventing intrusions is to minimize risk by making it harder to crack into existing systems. To do this, IT managers must first shrink the problem domain—cutting down on the number of systems that need to be secured. Otherwise, it's just too big a problem.

With assessment results in hand, install all available system updates—but only after all needed components are installed, so that update agents will download the right patches. This is tricky to do safely because systems are highly vulnerable when freshly installed.

Next, start trimming fat from the systems that matter. Cut deep, leaving only enough functionality for critical systems to work and not a bit more.

Also, change system defaults. Attackers infer knowledge about attacked systems based on their own copies of the same software.

It's important to install server- or client-side tools that actively work to block anomalous behavior, on the principle that it might be harmful. Anti-virus software, local network firewalls, application firewalls and trusted operating systems all apply this principle.

When developing applications, use secure programming practices. Applications that accept user input are potential security risks, and externally facing dynamic Web applications are especially high-risk. Tools that look for vulnerabilities in the development phase help coders avoid mistakes in the first place.

All systems are vulnerable—to highly skilled outside attackers, accidental misconfigurations, momentary lapses of attention or an internal attack. Managers should therefore plan for failure, with the level of protection matching the value of the assets being protected.

Prevention also requires ensuring minimal operational disruption should a successful break-in occur. Regular backups allow individual destroyed or corrupted files to be restored, provide a way to track changes made to key system files, and are a quick way to roll systems back to "good" configurations.
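
One way to use a known-good backup to track changes to key system files, as the paragraph above describes. This is an added example, not from the original article; the directory layout and file contents in `demo()` are constructed samples.

```python
import hashlib
import tempfile
from pathlib import Path


def digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large files are fine."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root: Path) -> dict:
    """Map each regular file under root (relative path) to its digest."""
    return {
        p.relative_to(root).as_posix(): digest(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and not p.is_symlink()
    }


def diff_against_backup(backup: Path, live: Path) -> dict:
    """Classify live files relative to the known-good backup copy."""
    old, new = manifest(backup), manifest(live)
    return {
        "modified": sorted(k for k in old.keys() & new.keys() if old[k] != new[k]),
        "missing": sorted(old.keys() - new.keys()),
        "added": sorted(new.keys() - old.keys()),
    }


def demo() -> dict:
    """Constructed sample: a backup tree and a live tree that has drifted."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = Path(tmp, "backup"), Path(tmp, "live")
        for root in (backup, live):
            (root / "etc").mkdir(parents=True)
            (root / "etc/hosts").write_text("127.0.0.1 localhost\n")
            (root / "etc/sshd_config").write_text("PermitRootLogin no\n")
        (backup / "etc/motd").write_text("welcome\n")  # gone from live
        (live / "etc/sshd_config").write_text("PermitRootLogin yes\n")  # changed
        (live / "etc/rc.local").write_text("#!/bin/sh\n")  # new on live
        return diff_against_backup(backup, live)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Files reported as modified or missing can be restored from the backup copy; files reported as added have no known-good counterpart and need review before the system is treated as rolled back.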



 
 
 
 
Assistant Editor
joshua_weinberger@ziffdavisenterprise.com
After being on staff at The New Yorker for five years, Josh later traveled the world, hitting all seven continents in a single year. At Yale University, he majored in American Studies, English, and Theatre Studies.

 
 
 
 
 
 
 
