US spy agency talks network security

Don't forget the little things.

The National Security Agency knows a lot about offensive and defensive security, so its new network security report is worth a look.

The US spy agency, which is tasked with intercepting and analysing signals intelligence, wrote it for administrators of small networks, such as home users, but it also serves as a refresher on good practices for infosec professionals of all stripes.

Of particular interest to office workers and their sysadmins is the spooks' suggested prohibition on out-of-office messages.

Below is a summary of the key points. The report (PDF) is broken into four recommendations.

Host:

  • Use the more secure 64-bit Windows 7
  • Limit access rights
  • Sandbox web browsers and PDF readers
  • Upgrade to Microsoft Office 2010; it does not open XML files by default and uses protected mode that restricts execution
  • Use disk encryption
  • Enable data protection on iPads
  • Enable FileVault on Mac OS

Network:

  • WEP is dead
  • Use a DNS provider
  • Use strong passwords on all network devices

Operational:

  • Avoid public wi-fi networks
  • Don’t mix work and home emails
  • Beware of local laws when using cloud services
  • Be wary of social networking
  • Don’t use out-of-office messages because they verify email addresses to spammers
  • Use different user names for work and personal accounts
  • Be aware when you are using services linked to GPS

Router:

  • Use MAC filtering and limit the IP address pool
  • Limit the power of access points
  • Hide or "cloak" your public wi-fi network's name (SSID)
  • Disable scripts in web browsers
  • Enable data execution prevention on programs

Copyright © SC Magazine, Australia
