Network & Website Security Cyber Plan Action Items.

Network Security

Securing your company’s network consists of: (1) identifying all devices and connections on the network; (2) setting boundaries between your company’s systems and others; and (3) enforcing controls to ensure that unauthorized access, misuse, or denial-of-service events can be thwarted or rapidly contained and recovered from if they do occur.

Cyber Plan Action Items:

1. Secure internal network and cloud services

Your company’s network should be separated from the public Internet by strong user authentication mechanisms and policy enforcement systems such as firewalls and web filtering proxies. Additional monitoring and security solutions, such as anti-virus software and intrusion detection systems, should also be employed to identify and stop malicious code or unauthorized access attempts.

Internal network

After identifying the boundary points on your company’s network, each boundary should be evaluated to determine what types of security controls are necessary and how they can be best deployed. Border routers should be configured to only route traffic to and from your company’s public IP addresses, firewalls should be deployed to restrict traffic only to and from the minimum set of necessary services, and intrusion prevention systems should be configured to monitor for suspicious activity crossing your network perimeter. In order to prevent bottlenecks, all security systems you deploy to your company’s network perimeter should be capable of handling the bandwidth that your carrier provides.

Cloud-based services

Carefully consult your terms of service with all cloud service providers to ensure that your company’s information and activities are protected with the same degree of security you would intend to provide on your own. Request security and auditing from your cloud service providers as applicable to your company’s needs and concerns.

Review and understand service level agreements, or SLAs, for system restoration and reconstitution time.

You should also inquire about additional services a cloud service can provide. These services may include backup-and-restore services and encryption services, which may be very attractive to small businesses.

2. Develop strong password policies

Generally speaking, two-factor authentication methods, which require two types of evidence that you are who you claim to be, are safer than using just static passwords for authentication. One common example is a personal security token that displays changing passcodes to be used in conjunction with an established password. However, two-factor systems may not always be possible or practical for your company.

Password policies should encourage your employees to employ the strongest passwords possible without creating the need or temptation to reuse passwords or write them down. That means passwords that are random, complex and long (at least 10 characters), that are changed regularly, and that are closely guarded by those who know them.

3. Secure and encrypt your company’s Wi-Fi

Wireless access control

Your company may choose to operate a Wireless Local Area Network (WLAN) for the use of customers, guests and visitors. If so, it is important that such a WLAN be kept separate from the main company network so that traffic from the public network cannot traverse the company’s internal systems at any point.

Internal, non-public WLAN access should be restricted to specific devices and specific users to the greatest extent possible while meeting your company’s business needs. Where the internal WLAN has less stringent access controls than your company’s wired network, dual connections — where a device is able to connect to both the wireless and wired networks simultaneously — should be prohibited by technical controls on each such capable device (e.g., BIOS-level LAN/WLAN switch settings). All users should be given unique credentials with preset expiration dates to use when accessing the internal WLAN.

Wireless encryption

Due to demonstrable security flaws known to exist in older forms of wireless encryption, your company’s internal WLAN should only employ Wi-Fi Protected Access 2 (WPA2) encryption.

4. Encrypt sensitive company data

Encryption should be employed to protect any data that your company considers sensitive, in addition to meeting applicable regulatory requirements on information safeguarding. Different encryption schemes are appropriate under different circumstances. However, applications that comply with the OpenPGP standard, such as PGP and GnuPG, provide a wide range of options for securing data on disk as well as in transit. If you choose to offer secure transactions via your company’s website, consult with your service provider about available options for an SSL certificate for your site.

5. Regularly update all applications

All systems and software, including networking equipment, should be updated in a timely fashion as patches and firmware upgrades become available. Use automatic updating services whenever possible, especially for security systems such as anti-malware applications, web filtering tools and intrusion prevention systems.

6. Set safe web browsing rules

Your company’s internal network should only be able to access those services and resources on the Internet that are essential to the business and the needs of your employees. Use the safe browsing features included with modern web browsing software and a web proxy to ensure that malicious or unauthorized sites cannot be accessed from your internal network.

7. If remote access is enabled, make sure it is secure

If your company needs to provide remote access to your company’s internal network over the Internet, one popular and secure option is to employ a secure Virtual Private Network (VPN) system accompanied by strong two-factor authentication, using either hardware or software tokens.

Website Security

Website security is more important than ever.

Web servers, which host the data and other content available to your customers on the Internet, are often the most targeted and attacked components of a company’s network. Cyber criminals are constantly looking for improperly secured websites to attack, while many customers say website security is a top consideration when they choose to shop online. As a result, it is essential to secure servers and the network infrastructure that supports them. The consequences of a security breach are great: loss of revenues, damage to credibility, legal liability and loss of customer trust.

The following are examples of specific security threats to web servers:

• Cyber criminals may exploit software bugs in the web server, underlying operating system, or active content to gain unauthorized access to the web server. Examples of unauthorized access include gaining access to files or folders that were not meant to be publicly accessible and being able to execute commands and/or install malicious software on the web server.
• Denial-of-service attacks may be directed at the web server or its supporting network infrastructure to prevent or hinder your website users from making use of its services.
• Sensitive information on the web server may be read or modified without authorization.
• Sensitive information on backend databases that are used to support interactive elements of a web application may be compromised through the injection of unauthorized software commands. Examples include Structured Query Language (SQL) injection, Lightweight Directory Access Protocol (LDAP) injection and cross-site scripting (XSS).
• Sensitive unencrypted information transmitted between the web server and the browser may be intercepted.
• Information on the web server may be changed for malicious purposes. Website defacement is a commonly reported example of this threat.
• Cyber criminals may gain unauthorized access to resources elsewhere in the organization’s network via a successful attack on the web server.
• Cyber criminals may also attack external entities after compromising a web server. These attacks can be launched directly (e.g., from the compromised server against an external server) or indirectly (e.g., placing malicious content on the compromised web server that attempts to exploit vulnerabilities in the web browsers of users visiting the site).
• The server may be used as a distribution point for attack tools, pornography or illegally copied software.

Cyber Plan Action Items:

1. Carefully plan and address the security aspects of the deployment of a public web server.

Because it is much more difficult to address security once deployment and implementation have occurred, security should be considered from the initial planning stage. Businesses are more likely to make decisions about configuring computers appropriately and consistently when they develop and use a detailed, well-designed deployment plan. Developing such a plan will support web server administrators in making the inevitable tradeoff decisions between usability, performance and risk.

Businesses also need to consider the human resource requirements for the deployment and continued operation of the web server and supporting infrastructure. Consider the following points in a deployment plan:

• Types of personnel required — for example, system and web server administrators, webmasters, network administrators and information systems security personnel.
• Skills and training required by assigned personnel.
• Individual (i.e., the level of effort required of specific personnel types) and collective staffing (i.e., overall level of effort) requirements.

2. Implement appropriate security management practices and controls when maintaining and operating a secure web server.

Appropriate management practices are essential to operating and maintaining a secure web server. Security practices include the identification of your company’s information system assets and the development, documentation and implementation of policies and guidelines to help ensure the confidentiality, integrity and availability of information system resources. The following practices and controls are recommended:

• A business-wide information system security policy.
• Server configuration and change control and management.
• Risk assessment and management.
• Standardized software configurations that satisfy the information system security policy.
• Security awareness and training.
• Contingency planning, continuity of operations and disaster recovery planning.
• Certification and accreditation.

3. Ensure that web server operating systems meet your organization’s security requirements.

The first step in securing a web server is securing the underlying operating system. Most commonly available web servers operate on a general-purpose operating system. Many security issues can be avoided if the operating systems underlying web servers are configured appropriately. Default hardware and software configurations are typically set by manufacturers to emphasize features, functions and ease of use at the expense of security. Because manufacturers are not aware of each organization’s security needs, each web server administrator must configure new servers to reflect their business’ security requirements and reconfigure them as those requirements change.

Using security configuration guides or checklists can assist administrators in securing systems consistently and efficiently. Securing an operating system initially generally includes the following steps:

• Patch and upgrade the operating system.
• Change all default passwords.
• Remove or disable unnecessary services and applications.
• Configure operating system user authentication.
• Configure resource controls.
• Install and configure additional security controls.
• Perform security testing of the operating system.

4. Ensure the web server application meets your organization’s security requirements.

In many respects, the secure installation and configuration of the web server application will mirror the operating system process discussed above. The overarching principle is to install the minimal amount of web server services required and eliminate any known vulnerabilities through patches or upgrades. If the installation program installs any unnecessary applications, services or scripts, they should be removed immediately after the installation process concludes. Securing the web server application generally includes the following steps:

• Patch and upgrade the web server application.
• Remove or disable unnecessary services, applications and sample content.
• Configure web server user authentication and access controls.
• Configure web server resource controls.
• Test the security of the web server application and web content.

5. Ensure that only appropriate content is published on your website.

Company websites are often one of the first places cyber criminals search for valuable information. Still, many businesses lack a web publishing process or policy that determines what type of information to publish openly, what information to publish with restricted access and what information should not be published to any publicly accessible repository. Some generally accepted examples of what should not be published or at least should be carefully examined and reviewed before being published on a public website include:

• Classified or proprietary business information.
• Sensitive information relating to your business’ security.
• Medical records.
• A business’ detailed physical and information security safeguards.
• Details about a business’ network and information system infrastructure — for example, address ranges, naming conventions and access numbers.
• Information that specifies or implies physical security vulnerabilities.
• Detailed plans, maps, diagrams, aerial photographs and architectural drawings of business buildings, properties or installations.
• Any sensitive information about individuals that might be subject to federal, state or, in some instances, international privacy laws.

6. Ensure appropriate steps are taken to protect web content from unauthorized access or modification.

Although information available on public websites is intended to be public (assuming a credible review process and policy is in place), it is still important to ensure that information cannot be modified without authorization. Users of such information rely on its integrity even if the information is not confidential. Content on publicly accessible web servers is inherently more vulnerable than information that is inaccessible from the Internet, and this vulnerability means businesses need to protect public web content through the appropriate configuration of web server resource controls. Examples of resource control practices include:

• Install or enable only necessary services.
• Install web content on a dedicated hard drive or logical partition.
• Limit uploads to directories that are not readable by the web server.
• Define a single directory for all external scripts or programs executed as part of web content.
• Disable the use of hard or symbolic links.
• Define a complete web content access matrix identifying which folders and files in the web server document directory are restricted, which are accessible, and by whom.
• Disable directory listings.
• Deploy user authentication to identify approved users, digital signatures and other cryptographic mechanisms as appropriate.
• Use intrusion detection systems, intrusion prevention systems and file integrity checkers to spot intrusions and verify web content.
• Protect each backend server (i.e., database server or directory server) from command injection attacks.

7. Use active content judiciously after balancing the benefits and risks.

Static information resided on the servers of most early websites, typically in the form of text-based documents. Soon thereafter, interactive elements were introduced to offer new opportunities for user interaction. Unfortunately, these same interactive elements introduced new web-related vulnerabilities. They typically involve dynamically executing code using a large number of inputs, from web page URL parameters to hypertext transfer protocol (HTTP) content and, more recently, extensible markup language (XML) content. Different active content technologies pose different related vulnerabilities, and their risks should be weighed against their benefits. Although most websites use some form of active content generators, many also deliver some or all of their content in a static form.

8. Use authentication and cryptographic technologies as appropriate to protect certain types of sensitive data.

Public web servers often support technologies for identifying and authenticating users with differing privileges for accessing information. Some of these technologies are based on cryptographic functions that can provide a secure channel between a web browser client and a web server that supports encryption. Web servers may be configured to use different cryptographic algorithms, providing varying levels of security and performance.

Without proper user authentication in place, businesses cannot selectively restrict access to specific information. All information that resides on a public web server is then accessible by anyone with access to the server. In addition, without some process to authenticate the server, users of the public web server will not be able to determine whether the server is the “authentic” web server or a counterfeit version operated by a cyber criminal.

Even with an encrypted channel and an authentication mechanism, it is possible that attackers may attempt to access the site by brute force. Improper authentication techniques can allow attackers to gather valid usernames or potentially gain access to the website. Strong authentication mechanisms can also protect against phishing attacks, in which hackers may trick users into providing their personal credentials, and pharming, in which traffic to a legitimate website may be redirected to an illegitimate one. An appropriate level of authentication should be implemented based on the sensitivity of the web server’s users and content.
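
Brute-force and username-gathering attempts of the kind described above show up as bursts of failed logins in the site's authentication log. The following is an added example, not part of the original plan, that flags such bursts per source address; the log line format, the threshold of 5 failures and the one-minute window are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed line format: "<UTC timestamp> <event> user=<name> src=<address>"
LINE = re.compile(r"^(\S+) (login_failed|login_ok) user=(\S+) src=(\S+)$")

def detect(lines, threshold=5, window=timedelta(minutes=1)):
    """Return {src: kind} for sources with >= threshold failures inside window.

    Lines are assumed to be in time order, as in an append-only log.
    """
    recent = defaultdict(deque)          # src -> failures still inside the window
    alerts = {}
    for line in lines:
        m = LINE.match(line.strip())
        if not m or m.group(2) != "login_failed":
            continue                     # malformed lines and successes are skipped
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        user, src = m.group(3), m.group(4)
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:     # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            users = {u for _, u in q}
            # Many names from one source suggests username gathering;
            # one name suggests password guessing against that account.
            kind = "many-usernames" if len(users) > 1 else "single-account"
            if alerts.get(src) != "many-usernames":
                alerts[src] = kind
    return alerts

# Constructed sample log (documentation address ranges, invented users).
SAMPLE = """\
2024-05-01T10:00:01Z login_failed user=alice src=203.0.113.7
2024-05-01T10:00:04Z login_failed user=alice src=203.0.113.7
2024-05-01T10:00:05Z login_failed user=alice src=198.51.100.23
2024-05-01T10:00:08Z login_failed user=alice src=203.0.113.7
2024-05-01T10:00:09Z login_failed user=bob src=198.51.100.23
2024-05-01T10:00:11Z login_failed user=dana src=192.0.2.10
2024-05-01T10:00:12Z login_failed user=alice src=203.0.113.7
2024-05-01T10:00:14Z login_failed user=carol src=198.51.100.23
2024-05-01T10:00:17Z login_failed user=alice src=203.0.113.7
2024-05-01T10:00:19Z login_failed user=dave src=198.51.100.23
2024-05-01T10:00:21Z login_ok user=dana src=192.0.2.10
2024-05-01T10:00:25Z login_failed user=erin src=198.51.100.23
"""

if __name__ == "__main__":
    for src, kind in sorted(detect(SAMPLE.splitlines()).items()):
        print(src, kind)
```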

9. Employ network infrastructure to help protect public web servers.

The network infrastructure (e.g., firewalls, routers, intrusion detection systems) that supports the web server plays a critical security role. In most configurations, the network infrastructure will be the first line of defense between a public web server and the Internet. Network design alone, though, cannot protect a web server. The frequency, sophistication and variety of web server attacks perpetrated today support the idea that web server security must be implemented through layered and diverse protection mechanisms, an approach sometimes referred to as “defense-in-depth.”

10. Commit to an ongoing process of maintaining web server security.

Maintaining a secure web server requires constant effort, resources and vigilance. Securely administering a web server on a daily basis is essential. Maintaining the security of a web server will usually involve the following steps:

• Backing up critical information frequently.
• Configuring, protecting and analyzing log files.
• Maintaining a protected authoritative copy of your organization’s web content.
• Establishing and following procedures for recovering from compromise.
• Testing and applying patches in a timely manner.
• Testing security periodically.
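
The file integrity check recommended under action item 6 and the protected authoritative copy listed above work together: hash the authoritative copy, hash the deployed content, and report any drift. The following is an added example, not part of the original plan; the directory names and file contents are constructed, and it also reports symbolic links because item 6 advises disabling them.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map each path under root to its SHA-256 digest, or "SYMLINK" for a link."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if os.path.islink(full):
                manifest[rel] = "SYMLINK"        # never hash through a link
            elif os.path.isfile(full):
                digest = hashlib.sha256()
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
                manifest[rel] = digest.hexdigest()
    return manifest

def compare(authoritative, deployed):
    """Return (finding, path) pairs, ordered by path, for drift in the deployed tree."""
    findings = []
    for rel in sorted(set(authoritative) | set(deployed)):
        want, have = authoritative.get(rel), deployed.get(rel)
        if have == "SYMLINK":
            findings.append(("symlink", rel))
        elif want is None:
            findings.append(("added", rel))
        elif have is None:
            findings.append(("removed", rel))
        elif want != have:
            findings.append(("modified", rel))
    return findings

def _write(root, rel, text):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)

def demo():
    """Build two small constructed trees and report how the live one drifted."""
    with tempfile.TemporaryDirectory() as tmp:
        auth, live = os.path.join(tmp, "authoritative"), os.path.join(tmp, "live")
        for root in (auth, live):
            _write(root, "index.html", "<h1>Welcome</h1>")
            _write(root, "contact.html", "<p>Call us</p>")
            _write(root, "css/site.css", "body { margin: 0 }")
        _write(live, "index.html", "<h1>Changed</h1>")         # content altered
        _write(live, "unexpected.txt", "not in the manifest")  # file added
        os.remove(os.path.join(live, "contact.html"))          # file removed
        os.symlink(auth, os.path.join(live, "css", "link"))    # link present
        return compare(build_manifest(auth), build_manifest(live))

if __name__ == "__main__":
    for finding, path in demo():
        print(f"{finding:9} {path}")
```

In practice the manifest of the authoritative copy would be stored somewhere the web server cannot write to, so that a compromise of the server cannot also rewrite the baseline.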
