Three Steps to Stopping APTs
The first — and easiest — step to protecting systems against APTs is to move from username/password combinations to strong multi-factor authentication. Start by combining integrated solutions such as biometrics or smart cards with passwords. This creates strong assurance that only authorized users can access protected information.
Second, make it your organization’s goal to compartmentalize information by user group (e.g. human resources, finance, IT). This ensures that each user is given only the permissions needed to perform the duties associated with their job.
Third, make security awareness training among executives, employees, and IT staff a priority. These exercises should be conducted on a periodic basis (quarterly, if possible).
A common view in the security community is to treat information systems and devices as if they have already been breached. With less confidence that the appropriate security controls are in place and working effectively, many security practitioners are conducting internal assessments of information systems, endpoint devices and processes for vulnerabilities that can be (or have been) exploited.
Many security products that were only available to enterprise commercial customers are now being made available under a subscription or Software as a Service (SaaS) model that small and medium businesses can take advantage of as well. Professional services contracts are available for companies with limited expertise in evaluating and assessing the security posture of their business. Developing a relationship with a trusted security provider that can deliver customized external IT security audits (even for small and medium businesses) is a practice that no organization should forgo.
Darnell Washington is the president and chief executive officer of SecureXperts Inc. (www.securexperts.com). With more than 25 years of professional information technology experience, he is actively involved in the design of secure network information technology architectures, and is a Certified Information Systems Security Professional (CISSP).