Blog

7 Commonly Neglected Security Tasks: DMARC, DNS Calls, And More

December 13, 2018
Jeff Ahlerich

In this age of digital transformation, IT staff are under incredible pressure to keep up with the breakneck speed of new technology adoption, implementation, and management while trying to maintain usability, productivity, and efficiency. With this reality, something has got to give, and oftentimes what falls off the radar are security tasks.

HOW GOOD IS YOUR SECURITY HYGIENE?

Like flossing your teeth, you know security hygiene is crucial to your company’s health. However, when nothing seems to be going wrong, it can be easy to let good security habits slide a little bit. According to CSO Magazine, the biggest attacks last year focused on vulnerabilities with patches that had been available for anywhere from weeks to months: “In fact, a full 90% of organizations recorded exploits for vulnerabilities that were at least three years old.” Knowing you need to prioritize good security habits, keep in mind these commonly neglected security tasks.

SECURITY TASK NEED-TO-DO LIST

Consider adding these often overlooked tasks to your security check list:

  1. Patching, patching, patching. In line with the statistics mentioned earlier, companies need to stay on top of patching vulnerabilities. You don’t want to be the company that has a data breach as a result of a vulnerability with a months-old patch available!
  2. Focus on insider threats. The threat from inside is greater than many companies realize, making the need to focus on this threat all the more critical.
  3. Manage accounts. Users have accounts of all kinds, from Google and payroll software to project management and more. And with the proliferation of cloud-based apps, users can access these accounts from anywhere with a web connection—so without proper account management, users will have access even if they leave the company.
  4. Get back to the basics. How embarrassing for the 2018 Consumer Electronics Show to lose power, yet how many companies have back-up generators available should the need arise?
  5. Review supply chain security. Don’t assume that every piece of your supply chain is secure—pay attention to the security of third parties, suppliers, and service providers.
  6. Stop malicious DNS calls. When a user clicks on a phishing email link, the resulting DNS call likely reaches a malicious site. Companies can use tools to stop the call and inform the user they tried to access a malicious site.
  7. Enable DMARC. Domain-based Message Authentication, Reporting, and Conformance is a mouthful, but DMARC is one of the best tools to prevent social engineering attacks through spoofed emails. By enabling DMARC, companies can set up user warnings when spoofed messages are received or simply block the messages altogether, giving you one more layer of protection against phishing attacks.

With this list in hand, companies can set the goal of better security hygiene, but many will still struggle with where to get started.

PRIORITIZE SECURITY

One method of determining how to prioritize security tasks is to asses your vulnerabilities via a risk assessment. Security Pursuit will provide your company with a detailed look at your security strengths and shortcomings as well as a step-by-step plan to help you address critical vulnerabilities, risks, and threats. With this security audit in hand, you can get back on track with security hygiene you can brag about.

«  Back To All Articles
Next Article
  »
Misconfigurations for Office 365
5 Most Common Attacks That Dodge Your Firewall.
4 Pentest Paradoxes You Must Get Right
Do a Risk Assessment before buying MDR
6 Rules of Engagement for any Penetration Test
Cyber Alliance Program
Your Perimeter is Disappearing
Cybersecurity Acronyms for Retirement Administrators
XDR, MDR, SOAR - Acronyms of Cybersecurity Detection & Response
Test Blog Post 3
Test Blog Post 2
White Paper - XDR for Retirement Systems
The Total Cost of Ransomware - 7 Categories
The Power of Data Continues to Grow
Who Shares Responsibility for Data Security in a Health Crisis?
Identifying Cloud Security Gaps in a Remote Workforce
Mid-year Threatscape Assessment and Review of Significant Cyber Incidents
Front Line Report: 2020 Election Cybersecurity Threats
The Rising Stakes of Compliance: GDPR, CCPA, and Others
Increasing Healthcare Cybersecurity With a Proactive Defense Strategy
5 Ways to Lower Risk and Maintain Privacy in Your Organization
9 Tips for Detecting and Preventing DDoS Attacks
5 Ways to Secure Your Access Control Vulnerabilities
6 Strategies to Prevent SQL Injection Attacks
7 Commonly Neglected Security Tasks: DMARC, DNS Calls, And More
The Impact Of A Cyber Attack On A Nation
History Matters: Cyber Attacks From The 1980S
What Healthcare Organizations Need To Know About Samsam Attacks
Reflecting On 2019: Blockchain, AI, Machine Learning, Cryptojacking, And More
California Consumer Privacy Act (CCPA): What You Need To Know
Why Covid-19 Phishing Criminals Love Machine Learning (Ml)
Malicious Bot Activity Continues To Rise As Employees Work From Home
How Crypto-Agile Is Your Organization?
How Businesses Can Prepare For The Coming Iot Surge
Where To Find Cybersecurity Help: Addressing The Security Expert Shortage
Ransomware: To Pay Or Not To Pay?
How Expensive Is A Data Breach?
Looking Ahead: The Cybersecurity Landscape In 2021
Attack On Solarwinds Infiltrated U.S. Government Networks: What It Means For You
5 Best Practices To Secure Your Remote Workforce
Top 5 Most Dangerous Ransomware Attacks — And How To Protect Your Business
Reduce Data Breach Costs With Artificial Intelligence
5 IoT Trends To Continue Watching In 2021
AI Poisoning: What You Need To Know To Protect Your Business
Zero Day Exploits: Advanced Cyberattacks
Why Users Should Never Auto-Fill Forms: Browser Exploit Overview
Don't Be Fooled By Padlocks And SSL Certificates
5 Ways To Shield Executives From Whaling Attacks
How Artificial Intelligence (AI) Is Helping Cyber-Criminals
Why Breaches Are Becoming More Difficult To Defeat
History Matters: Cyber Attacks From The 1960S
History Matters: Cyber Attacks From The 1970S
History Matters: Cyber Attacks From The 1990s
History Matters: Cyber Attacks From The 2000S
The Rise Of Mobile Malware
Growing Concerns Over Voice Phishing Scams
Stopping The Spread Of 5G Security Vulnerabilities
Why Small Business Is A Big Cyber Crime Target
Feeling The Heat: Geopolitical Cybersecurity Threats
The Role Of Artificial Intelligence In Effective Cyber Attacks
Absolute Zero: Zero Trust And Zero Standing Privileges
Data Security Challenges in the New Era of Remote Work
Why Penetration Testing Has Never Been More Important
5 Ways to Protect Your Business From Phishing Attacks in 2021

join our email list

Security Pursuit logo
LinkedIn iconlinkedintwitter logoTwitter iconFacebook iconFacebook icon
Professional ServicesProduct Solutionsaboutpartnersblogcontact
denver office
2000 Araphahoe Street, Suite 1
Denver, CO 80205
720-675-7668
LinkedIn iconlinkedintwitter logoTwitter iconFacebook iconFacebook icon
san francisco office
2315 Montgomery Street, 10th Floor
San Francisco, CA 94104
415-735-4225
© 2021
Designed by H1 Web Development