09:43 AM
Chris Banta, Safe Systems

10 Components of a Comprehensive IT Security Foundation

A financial institution’s digital assets are every bit as valuable as the money in the vault.

The business of financial services has undergone a tremendous amount of change in the last decade with the advancement of networking technology, online services and growing customer demand for 24/7 access to their financial lives. Running a financial institution is not simply a matter of managing money and providing loans. It’s about managing data and networks, too.

Because of this technological shift in the industry, network administrators and information technology officers now play a crucial part in ensuring the financial institution’s network and data are protected from viruses, malware and electronic attacks from would-be digital robbers. It’s not an easy job.

There are a number of tools and procedures available that will help any bank or credit union advance in the online age with a greater degree of confidence. On their own, some of these simple steps, such as software patching and firewalls, may seem like obvious security techniques. Deployed in combination as a layered approach, however, they are the first step in building a strong security foundation.

Employing these 10 techniques will help provide your institution the additional peace of mind that comes through sound, comprehensive IT security:

  • Employ a firewall and/or intrusion prevention system (IPS) solution
  • These systems often act as a first line of defense for your network by controlling what data enters or leaves your network and helping to monitor, log and report malicious activity. Setting institution-specific rules and monitoring activity for attacks and usage will help maintain a secure firewall. Network intrusion prevention services help block attacks while allowing authorized traffic to flow freely. No matter how good the technology deployed, monitoring firewall logs is a key step in detecting malicious activity.

  • Keep your Microsoft systems patched with the latest bug fixes and security updates
  • Hackers constantly search for loopholes and weaknesses they can exploit to infiltrate systems, steal data or generally wreak havoc. As the creator of some of the world’s most widely used operating systems, productivity software and network tools, Microsoft tends to be a popular target for these attacks. The software giant helps remediate vulnerabilities by regularly releasing bug fixes and security patches for its products. Keeping up to date with these updates will ensure your institution has the latest protection from vulnerabilities. An automated patch management system can help do this efficiently and with minimal disruption to day-to-day operations.

  • Maintain up-to-date virus security software and definitions
  • Information security is constantly evolving. Just as soon as vulnerabilities get patched or a virus is identified and stopped, bad guys look for new ways to infiltrate your systems. Keeping your antivirus software up to date helps ensure your workstations and devices are protected from the latest known malware.

  • Establish a process for critical server vulnerability scanning
  • Scanning critical servers is a great way to identify vulnerabilities. Making it a regularly scheduled – or automated – part of your security program will pay dividends. It can determine if critical patches or network hardening are needed to further protect your systems.

  • Patch ubiquitous third-party applications, such as Adobe, Java and Flash
  • As with Microsoft systems and software, third-party applications such as Acrobat, Java and Flash are susceptible to attack. Keeping up with vendors’ updates and patches will help counter these risks by ensuring software installed on your machines is patched against known vulnerabilities. Uninstalling legacy versions of third-party applications on workstations and servers is equally important when reducing your attack surface area. This is a process that can be automated through a patch management system, thus mitigating its time-consuming and labor-intensive nature.

  • Have an ongoing server hardening solution to remove common and critical vulnerabilities
  • Server hardening is the process of reducing the number of avenues from which your systems can be attacked. Keeping servers clean of outdated or unnecessary software, services, configurations and users gives bad guys fewer ways to infiltrate your IT. This is another process that can be automated and regularly scheduled to ensure consistency with institution policies.

  • Use a hosted DNS solution to protect against malware downloads
  • A Domain Name System (DNS) security solution can help limit the risk of unauthorized entry by proactively blocking the resolution of known bad domains. It is particularly useful in preventing malware from inadvertently downloading during web surfing. Tracking the domain resolution can also provide early warning signs to help determine whether a machine has already been compromised.

  • Train your employees on information security and best practices
  • You can’t expect everyone in your institution – from tellers and loan officers to executives and the board – to understand information security from day one. But you can teach it to them. Providing a little training in IT security can go a long way to preventing information from falling into the wrong hands.

  • Install a server security solution to monitor activity and help prevent attacks
  • Just like antivirus programs on a PC, server security solutions can help to identify and eliminate malware, infected files and unauthorized software from your servers. Server intrusion prevention and event log analysis, for instance, can block attacks such as buffer overflows, Trojan horses and worms from entering your servers. These tools can help monitor for and prevent the installation of malicious software and detect anomalous activity before it becomes a much larger problem.

  • Have a comprehensive reporting solution for both network management and security review
  • Keeping track of critical patches, antivirus updates, DNS, servers and other vulnerabilities can be a lot of work. A centralized, comprehensive reporting solution can bring all of these disparate security functions together in one place to keep you up to date on all of your hardware and systems.

These 10 components go a long way toward building a comprehensive security program that will help protect your institution and its assets from many malicious attacks.

Chris Banta is Manager of Managed Services for Safe Systems
