Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT Best Practices Fred Limmer, IT Practice Manager.

Published byCaren Hamilton Modified over 7 years ago

Similar presentations

Presentation on theme: "IT Best Practices Fred Limmer, IT Practice Manager."— Presentation transcript:

1 IT Best Practices Fred Limmer, IT Practice Manager

2 Fred Limmer Background IT Practice Manager Fred.limmer@interdynbmi.com
Fred Limmer has spent almost 20 years consulting and providing IT services to clients, large and small, in every vertical. With over ten years of experience managing his own consulting firm, Fred has developed a breadth of business management knowledge and brings a forward-thinking methodology to IT. His primary focus is understanding the customer’s business need because knowing where to best spend dollars on technology is as important as the technology itself. IT Practice Manager

3 Objectives Educate Motivate Take Action!

4 Introduction Business Security Continuity Policy Reporting & Alerting
Network Management

5 Security - Network Password Policy User Account Control
Regular Auditing and Change Alerting Patching/fixing Vulnerabilities Anti-Virus, Anti-Malware, Anti-SPAM Regular Auditing Password Policies, every user hates them, but they are vital to security on the network. All users must have a password, that password should be long. You’re probably thinking, “What? What about complexity, that’s important right? Actually no. The common belief is that a super complex password is more secure, but the opposite is true. Passwords should have at least 10 characters. Each additional character makes a password exponentially harder to crack. BcY79i56= 2 hours AhorseisAhorse = 2,000,000,000 Years User account control must be taken very seriously to maintain network security. Account Control is maintaining on necessary accounts, and only placing them in security groups or providing permissions that the user NEEDS to do their job. There are key security groups that should have an extremely selective membership on your network; Domain Admins, Enterprise Admins, Schema Admins, etc. On permissions, most restrictive is the way to go. Again, only what they need. If a user only needs to read reports from a folder on the server, then they only need READ permission. Auditing and Change Alerting is key to controlling change and keeping hackers out. You should know the moment any user is added to a security group, or new account created, deleted, locked out, etc. Hackers, once they gain access to your network will routinely either create a new user account for themselves, or will move an account that they control to an admin security group. Vulnerability Exploits are how hackers initially gain access to your network. An unpatched Internet Browser is your worst enemy. Updated Operating Systems fully, and keep 3rd party software like Adobe Reader and Java up to date. Anti-Virus and Anti-Malware should be layered on your network and should use different scan engines. You should have a perimeter Unified Threat Management or UTM Gateway that has a virus and malware scanner, you should have them installed on your servers, and on all desktops/laptops, and on all devices. Tell the story about the company that got hacked from a sales guy’s phone. Mail Security is also key. Most Ransomware attacks are delivered through phishing s. Attachments that can contain malicious code should be blocked, and a good scan engine should be employed.

6 Security - Network Harden Servers Keep the Firewall On! AppLocker
Auditing Servers should be hardened as much as possible. Hardening is a process by which the server is pared down to run only the absolute minimum software/services required to function, and firewall, and local security policies are as restrictive as possible while still allowing the functions required. Often times, you will find a firewall off on a server. That is because someone wasn’t able to figure out how to allow the required traffic to and from the server through the firewall, and simply turned it off. This is the worst response to the issue. Keep the firewall on, and figure out how to configure it for the need. Don’t just shut it off. Look at enabling AppLocker on your servers. AppLocker prevents unspecified applications and code from running on your servers. For instance, on a Hyper-V host, you can easily enable AppLocker and set the option to ONLY run Microsoft signed applications. This way, nothing outside of Microsoft software can execute, thus the server is unable to be infected by a virus, malware, or Ransomware. Frequent Network Auditing is key to maintaining security. Computers, Users, Group, equipment, copiers, etc. are added, deleted, or changed daily on the network. You should be auditing on at least a quarterly basis those changes and the general security of the network.

7 Security – Applications & Other
Updating and Patching Vulnerabilities Backing up Application Data (SQL) Engage with a Specialist Other Physical Security Regular Testing Training

8 Policy – Organizational Policies
Acceptable Use Policy Communications Policy Data Protection Policy Remote Access Policy

9 Policy – Network Policies
Password Policy Security Policy Server and Workstation Policy Industry or Regulation Specific Policies (HIPAA, Sox, PCI) Don’t cater to users. Make a policy and enforce it, top to bottom

10 Network Management - Monitoring
Monitoring for Health Metrics Monitoring for Performance Metrics Monitoring for Control Monitoring Security

11 Network Management - Maintenance
Patch Management 3rd Party Updates and Management Preventative Maintenance Quarterly Physical Check Monthly Reboot

12 Business Continuity Simple Backup/Restore Enterprise File Services
Disaster Recovery Plan Business Continuity Plan Testing Recovery Systems

13 Reporting and Alerting
Alerting for critical issues (SMS, , etc.) Alert compiling for non-critical issues Regular Reporting Actually reviewing the reports

14 10 Things You Can Do Today

15 10 Things You Can Do Today 10. Create a Password Policy
9. Audit your Security Groups 8. Change Default Passwords on Network Devices 7. Schedule a Window to Update Servers and Computers. 6. Draft Your Network Policies (Acceptable Use, Access, etc.)

16 10 Things You Can Do Today 5. Lock the server room door!
4. Blow out the dust 1 3. Verify backups 2. Draft a Change Control Policy 1. Call InterDyn BMI and schedule a Network Health Audit!

17 Q&A Open Floor for Questions fred.limmer@interdynbmi.com
If you would like to ask questions after the event is over, please me at: and I’ll be more happy to answer them for you!

18 Upcoming Webinar: Let’s Learn Live Series – Check our website for upcoming events and scheduling
Visit our YouTube Channel for past webinars InterDynBMI.com website Subscribe to our WebShield Alerts Service to get updates in your inbox about new Internet threats and tips to stay safe and secure online. Related Resources ?

Download ppt "IT Best Practices Fred Limmer, IT Practice Manager."

Similar presentations

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Safe IT – Protect your computer and Family from unwanted programs viruses and websites.

Safe IT – Protect your computer and Family from unwanted programs viruses and websites.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
eScan Total Security Suite with Cloud Security

eScan Total Security Suite with Cloud Security
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.

Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.
IT Security for Users By Matthew Moody.

IT Security for Users By Matthew Moody.
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.

COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.

User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.
Small Business Security Keith Slagle April 24, 2007.

Small Business Security Keith Slagle April 24, 2007.
Internet Security. 2 Computers on the Internet are almost constantly bombarded with viruses, other malware and other threats.

Internet Security. 2 Computers on the Internet are almost constantly bombarded with viruses, other malware and other threats.
INNOVATE THROUGH MOTIVATION MSP Services Overview KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.

INNOVATE THROUGH MOTIVATION MSP Services Overview KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

Similar presentations

Ads by Google