- Use a risk assessment process to identify where security efforts should be focused
- Harden systems by installing updates, removing every possible component not used in normal operation, changing system defaults (especially passwords and file permissions), installing security software and performing penetration tests
- Use interlocking security systems to protect key resources
- Externally accessible Web applications are frequent entry points for crackers; carefully audit this code for security holes
- Have a working backup strategy as a final fallback
- Educate IT and end-user staff about safe computing and physical security guidelines
Home Cybersecurity