When we look at security in technology, we have this tendency of forgetting to do the basics. There is so much one can do to enhance your security without spending a fortune. Retrofitting these basics will be an absolute pain in the behind as you will have to force process and procedure changes, but this cannot be helped.

Let’s start with the core ….. the actual Network. From experience I can tell you that this aspect is often left behind or done once and never kept up to date.

The basic principle is that if you don’t know about it you CANNOT defend it.

You must document EVERYTHING in your network, links, routers, firewalls, line speeds, switches and vlans. On the switches which ports are open and which are not in use.

Next…..check the config on all the devices and make sure that the default user ID and password has been changed (very few people actually do that). Restrict the device to its most minimal function required to function.

Defaults are a pure evil

#ciso #infosec #cyber