Best Remote Desktop Access Security Configuration


Many users continue to leave remote control software wide open, where it can be easily exploited by a hacker. It is highly recommended to use secure methods for remote access and control stations, for example a VPN connection. Below you will find some guidelines to help secure your remote access stations. While not all the policies listed below may be necessary, it is recommended that you properly understand all network vulnerabilities and implement a series of policies based on potential exposure.

  • Configure the account lockout settings to lock a user account after a period of time or a specified number of failed login attempts. This prevents unlimited unauthorized attempts to log in, whether from an unauthorized user or via automated attack types like brute force.
  • Limit the number of users and workstations who can log in using Remote Desktop.
  • Use firewalls (both software and hardware where available) to restrict access to remote desktop listening ports (default is TCP 3389).
  • Change the default Remote Desktop listening port.
  • Define complex password parameters. Configuring an expiration time and password length and complexity can decrease the amount of time in which a successful attack can occur.
  • Require two-factor authentication (2FA) for remote desktop access.
  • Install a Remote Desktop Gateway to restrict access.
  • Add an extra layer of authentication and encryption by tunneling your Remote Desktop through IPSec, SSH, or SSL.
  • Require 2FA when accessing payment processing networks. Even if a virtual private network is used, it is important that 2FA is implemented to help mitigate keylogger or credential dumping attacks.
  • Limit administrative privileges for users and applications.
  • Periodically review systems (local and domain controllers) for unknown and dormant users.
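
The lockout rule from the first guideline above, as an added example (not taken from US-CERT or the original post): it replays constructed logon records through a sliding-window failure counter. The threshold, window, lockout duration, account names and addresses are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values (not from the page): 5 failures within 15 minutes
# lock the account for 30 minutes.
THRESHOLD, WINDOW, LOCKOUT = 5, timedelta(minutes=15), timedelta(minutes=30)

def evaluate(events, threshold=THRESHOLD, window=WINDOW, lockout=LOCKOUT):
    """Replay (time, user, source_ip, success) logon records in time order.

    Returns (lockouts, refused): lockouts maps user -> times the account was
    locked; refused lists attempts rejected because the account was locked.
    """
    recent = defaultdict(deque)      # user -> times of failures inside the window
    locked_until, lockouts, refused = {}, defaultdict(list), []
    for ts, user, src, ok in sorted(events):
        if ts < locked_until.get(user, datetime.min):
            refused.append((ts, user, src))   # refused even if the password is right
            continue
        if ok:
            recent[user].clear()              # a good logon resets the counter
            continue
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:             # forget failures older than the window
            q.popleft()
        if len(q) >= threshold:
            locked_until[user] = ts + lockout
            lockouts[user].append(ts)
            q.clear()
    return dict(lockouts), refused

def sample_events():
    """Constructed records: a fast guessing run and a user who mistypes twice."""
    t0 = datetime(2014, 8, 1, 2, 0, 0)
    sec = lambda n: t0 + timedelta(seconds=n)
    events = [(sec(20 * i), "pos-admin", "203.0.113.7", False) for i in range(8)]
    events.append((sec(180), "pos-admin", "203.0.113.7", True))   # correct guess, too late
    events += [(sec(60), "clerk1", "10.0.0.5", False),
               (sec(120), "clerk1", "10.0.0.5", False),
               (sec(150), "clerk1", "10.0.0.5", True)]
    return events

if __name__ == "__main__":
    locks, refused = evaluate(sample_events())
    for user, times in locks.items():
        print(f"{user} locked at {times[0]:%H:%M:%S}; {len(refused)} later attempts refused")
```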

Resources: US-CERT – Department of Homeland Security


Best Network Security Practices for Merchant Processing


Protecting and securing consumer data should be an imperative policy. Securing consumer data can increase consumer shopping confidence and add value to your business reputation. Here are some guidelines for safeguarding merchant terminals from internet hackers. While not all the policies listed below may be necessary, it is recommended that you properly understand all network vulnerabilities and implement a series of policies based on potential exposure.

  • Purchase a leading anti-virus product and keep it patched and updated.
  • Review firewall configurations and ensure that only allowed ports, services, and Internet protocol (IP) addresses are communicating with your network. This is especially critical for outbound (e.g., egress) firewall rules in which compromised entities allow ports to communicate to any IP address on the Internet. Hackers leverage this configuration to exfiltrate data to their IP addresses.
  • Segregate payment processing networks from other networks.
  • Apply access control lists (ACLs) on the router configuration to limit unauthorized traffic to payment processing networks.
  • Create strict ACLs segmenting public-facing systems and back-end database systems that house payment card data.
  • Implement data leakage prevention/detection tools to detect and help prevent data exfiltration.
  • Implement tools to detect anomalous network traffic and anomalous behavior by legitimate users (compromised credentials).
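
An added example (not from the original post) of the firewall review described above: it flags outbound allow rules that permit any destination or fall outside an approved list. The rule layout, addresses and allowlist are constructed for illustration and do not follow any vendor's format.

```python
import ipaddress

# Constructed rule set in a made-up dict layout (not any vendor's format).
RULES = [
    {"id": 1, "dir": "out", "action": "allow", "dst": "198.51.100.0/24", "port": 443},
    {"id": 2, "dir": "out", "action": "allow", "dst": "0.0.0.0/0", "port": "any"},
    {"id": 3, "dir": "out", "action": "allow", "dst": "192.0.2.10/32", "port": 25},
    {"id": 4, "dir": "in", "action": "allow", "dst": "10.20.0.5/32", "port": 3389},
    {"id": 5, "dir": "out", "action": "deny", "dst": "0.0.0.0/0", "port": "any"},
]
# Assumed allowlist: the ranges and ports the payment processor publishes.
APPROVED = [("198.51.100.0/24", {443})]

def audit_egress(rules, approved):
    """Return (rule id, reason) for each outbound allow rule the allowlist does not cover."""
    nets = [(ipaddress.ip_network(n), ports) for n, ports in approved]
    findings = []
    for r in rules:
        if r["dir"] != "out" or r["action"] != "allow":
            continue                      # only outbound allow rules let data leave
        dst = ipaddress.ip_network(r["dst"])
        if dst.prefixlen == 0:            # 0.0.0.0/0 or ::/0 means "any IP address"
            findings.append((r["id"], "allows any destination"))
            continue
        covered = any(dst.version == net.version and dst.subnet_of(net)
                      and r["port"] in ports for net, ports in nets)
        if not covered:
            findings.append((r["id"], "destination/port not on allowlist"))
    return findings

if __name__ == "__main__":
    for rule_id, reason in audit_egress(RULES, APPROVED):
        print(f"rule {rule_id}: {reason}")
```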

Resources: US-CERT – Department of Homeland Security


Best Practices for Cash Register and PoS Security


Security policies should be implemented for all aspects of a network from top to bottom. Here you will find the best network security practices for cash registers and POS systems. While not all the policies listed below may be necessary, it is recommended that you properly understand all network vulnerabilities and implement a series of policies based on potential exposure.

  • Implement hardware-based point-to-point encryption. It is recommended that EMV-enabled PIN entry devices or other credit-only accepting devices have Secure Reading and Exchange of Data (SRED) capabilities. SRED-approved devices can be found at the Payment Card Industry Security Standards website.
  • Install Payment Application Data Security Standard-compliant payment applications.
  • Deploy the latest version of an operating system and ensure it is up to date with security patches, anti-virus software, file integrity monitoring, and a host-based intrusion-detection system.
  • Assign a strong password to security solutions to prevent application modification. Use two-factor authentication (2FA) where feasible.
  • Perform a binary or checksum comparison to ensure unauthorized files are not installed.
  • Ensure any automatic updates from third parties are validated. This means performing a checksum comparison on the updates prior to deploying them on PoS systems. It is recommended that merchants work with their PoS vendors to obtain signatures and hash values to perform this checksum validation.
  • Segregate payment processing networks from other networks.
  • Disable unnecessary ports and services, null sessions, default users, and guests.
  • Enable logging of events and make sure there is a process to monitor logs on a daily basis.
  • Implement least privileges and ACLs on users and applications on the system.
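
The checksum comparison from the guidelines above, as an added example (not from the original post or any PoS vendor): it checks a directory against a manifest of SHA-256 values and reports altered, missing and unlisted files. The manifest layout, file names and contents are constructed, and the manifest itself is assumed to come from the vendor over a channel you trust.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 16):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):   # chunked: packages can be large
            h.update(block)
    return h.hexdigest()

def parse_manifest(text):
    """Parse '<hex digest>  <file name>' lines, the layout sha256sum prints."""
    expected = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            digest, name = line.split(None, 1)
            expected[name.strip().lstrip("*")] = digest.lower()
    return expected

def verify_dir(directory, manifest_text):
    """Sort the files in directory into ok / mismatch / missing / unlisted."""
    expected = parse_manifest(manifest_text)
    present = {p.name for p in Path(directory).iterdir() if p.is_file()}
    report = {"ok": [], "mismatch": [], "missing": [],
              "unlisted": sorted(present - set(expected))}   # files nobody vouched for
    for name, digest in sorted(expected.items()):
        if name not in present:
            status = "missing"
        else:
            status = "ok" if sha256_file(Path(directory, name)) == digest else "mismatch"
        report[status].append(name)
    return report

def demo():
    """Constructed case: one good file, one altered, one absent, one extra."""
    released = {"pos_update.bin": b"vendor build 1.2", "config.xml": b"<cfg mode=prod/>",
                "reader_driver.sys": b"driver"}
    manifest = "\n".join(hashlib.sha256(data).hexdigest() + "  " + name
                         for name, data in released.items())
    on_disk = {"pos_update.bin": b"vendor build 1.2", "config.xml": b"<cfg mode=debug/>",
               "svc_helper.exe": b"not in manifest"}
    with tempfile.TemporaryDirectory() as d:
        for name, data in on_disk.items():
            Path(d, name).write_bytes(data)
        return verify_dir(d, manifest)

if __name__ == "__main__":
    print(demo())
```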

Resources: US-CERT – Department of Homeland Security


Learning From iCloud’s Security Breach – How To Keep Your Network More Secure

It was just a matter of time before another leading corporation became the victim of another hacking incident in which information was accessed through an IT security breach. The last major reported breach was in 2014 during the holiday season, when major corporations Target and Goldman Sachs became victims. Now, headlines about Apple and Home Depot computer and technology networks being compromised are all over the news.

The one irrefutable fact that stands out about these incidents is that these major corporations have massive budgets for IT and administrators, yet they are still being compromised. Which leaves me to ask, how safe are we and what can we do to protect ourselves? Surprisingly, the answers to these questions are pretty easy. The average person is as safe as they are responsible. Ultimately, we are responsible for our own protection when it comes to our online activities and personal devices.

Most people nowadays are becoming savvy to the phishing scams being used by cyber attackers. A new method of phishing called “Spear Phishing” is being used to target individuals such as high-level government officials, people of influence and celebrities. Information gathered through social media and other public outlets is used to create targeted attacks. According to Apple, this technique might have been used by attackers to gain access to celebrity accounts.

“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.” – Apple

It was also discovered that Elcomsoft Phone Password Breaker, an app designed for law enforcement, was used to gain access to these accounts. The app works by downloading a backup copy of the victim’s phone that has been saved in iCloud. The only way the attacker could gain access to the accounts is by using a Brute Force Attack, a technique in which a software key generator repeatedly guesses usernames and passwords, hence the name “Brute Force”.

Here are a few tips that can help you minimize the risk of a security breach:

  1. Anti-Virus – Make sure you have a paid, trustworthy anti-virus installed on your devices and that it is up to date. Be wary of free AV.
  2. Firewall – Make sure you have an up to date firewall device and/or software and it is configured correctly by a certified networking security specialist. Examples:
    • Firewalls can block numerous unauthorized login attempts (Brute Force)
    • Protect certain vulnerable standard applications like MS Remote Desktop Connection or Apple Desktop Connection
    • Allow multiple step authentication
    • Provide encryption of data being transferred and connections to a network
    • Block unusual traffic patterns, i.e., data dumping
  3. Specialized Email Accounts – Set up email accounts designed for specific tasks, such as banking, voicemails, and online purchasing. Having specific email accounts will help you avoid accidentally opening a malicious phishing email. Examples:
    • bk_karenadler@gmail.com (banking)
    • vm_karenadler@gmail.com (Voicemail to email)
    • pur_karenadler@gmail.com (purchases or online transactions)
  4. Strong Passwords – In today’s cyber world, criminals are utilizing sophisticated password crackers that can have a substantially higher success rate than ones we have seen before. Updating your password to a more secure alpha-numeric, cryptic password will increase the number of possible password combinations and reduce the chance of getting hacked.
    • Secret123! can be changed to <$3cR3ti23!>
    • Adding one more element to the password, such as a zip code, can still substantially increase the difficulty of a password, making it nearly impossible to crack: <$3cR3t!!90601>
  5. Change Your Passwords – Have you noticed that most banks require you to change your password regularly to access your account online? This is because changing your password periodically decreases the chances of your account getting hacked into. Scheduling office-wide maintenance at least every 6 months to change all passwords will dramatically minimize your chances of a security breach.
  6. Two-step authentication – Enabling two-step authentication upon login will decrease the chances of being hacked. Two-step authentication allows another device to approve access to the account. Examples:
    • Receiving a text authorization code to a cell phone
    • Receiving an email authorization link or code to a verified email address

Most small businesses store critical information within their networks and the cloud. Determining and implementing the correct internet security policy may take some time; however, the added layers of protection can save you the stress, embarrassment and financial burden of having to recover from a security breach.
