NOVEMBER 1, 2013
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
Halloween Ushers in Ghastly Scams

Security for Home Users
Online Security for You and Your Family

Security for Business
Protect Your Corporate Network against Targeted Attacks



Security for Business

Protect Your Corporate Network against Targeted Attacks

Threat actors find security loopholes they can exploit: a vulnerable device, computers with easy-to-guess passwords, or a machine with administrator privileges.”



Targeted attacks happen to both small and large companies. As long as threat actors can gain something from your company, they will find ways to enter your corporate network. Once they get access, they can move laterally, mining company data they can use. To protect your company's assets against compromise, you should know your network infrastructure and how to secure it.

Threat actors find security loopholes they can exploit: a vulnerable device, computers with easy-to-guess passwords, or a machine with administrator privileges. You can easily protect your networks by:

  • Requiring users to create strong passwords via strict policy implementation
  • Limiting the access rights of network-connected machines
  • Patching systems regularly

Security Checklist Expanded

Once threat actors are inside your network, you need to track and stop them from getting their way around. There are three important security components your corporate IT staff needs to implement:

  • Network Segmentation: Involves dividing the corporate network into separate segments, either by location or by department. For large companies, local IT staff monitor and control network segments.
  • Log Analysis: Incident response teams are trained to collect and analyze log data. This is a critical step in detecting targeted attacks. IT staff can use log data to trace lateral movement or data exfiltration, and then determine possible new gateways where attacks can happen.
  • User and Workstation Configuration: Determining access rights for users in a corporate network minimizes impact of targeted attacks, especially attacks that rely on user account privileges on certain computers.

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: