This is a summary of the ten controls that would mitigate the majority of information security incidents that CERT NZ has analysed so far.
Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays secure.
Legacy systems are systems that are no longer supported by the vendor, or systems that an organisation no longer maintains. This includes end-of-life or unsupported software.
Unused or older services and protocols often have their own vulnerabilities. Proactively scan your network for any that are not used or vulnerable, and disable them.
Application whitelisting is a method of strictly controlling what programs can be run in your environment.
Change the passwords on any systems that come with default credentials before you use the systems in your environment.
You can authenticate with something you know, something you have, or something you are. Multi-factor authentication (MFA) improves security by requiring two or more of these methods.
The principle of least privilege means only having the access you need to do your job.
After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and testing backups often will help prevent the loss of data in the event of an incident.
Storing and securing your logs in a central place makes log analysis and alerting easier.
A mobile device is any portable device that can access and hold organisational data. It's important to secure these devices, as you would any other device that sits within your network.