THE MAIN FOCUSES INCLUDE:
• Setting up and securing boundary firewalls to prevent unauthorised access to the network.
• Secure configuration including the removal of unnecessary account logons, software and default passwords. Auto-run features should be disabled, as should all unapproved connections.
• Companies should implement a system of ‘least privilege’ meaning end-users can only access locations, files and applications that are needed for their day-to-day roles and no-one should have permanent admin privileges.
• Malware protection on the endpoints can create a barrier against a number of virus and malware threats. It is imperative that these are kept up-to-date in order to be as effective as possible.
• Patch Management of applications can ensure that any security updates from developers are implemented on your systems. Criminals will target these known vulnerabilities to gain access to systems and not patching can really make this easy for them.
Charl van der Walt feature in The Register article