Jump to content

New to the Security scene


Starphisher

Recommended Posts

Hello Hak5 enthusiasts-

I'll start with the question and end with more information about myself.

I just recently accepted a new job as an IT Security Analyst. The job is somewhat entry level, but I am being asked some high-level questions and for the most part, I am getting through them with just a little bit of research. So, my question is, what do I do first? Is there a list of "Must haves" that anyone has that can help point me in the right direction for locking down my business?

About myself and the company. I have Security+ certification through COMPTIA (the lifetime cert back I got back in 2010). I am currently enrolled in University of Phoenix and taking the Information System Security bachelors degree. My knowledge/skill level could be considered Entry to Intermediate. I am a 25U in the US Army and I work side by side with out network admins, but my network skills are most definitely entry level. I have no problem learning new things related to IT, I learn very fast, but I feel like I am a bit lost and overwhelmed.

My company has about 450 users, we are using cloud based services along with our own local physical servers/firewalls. We use Barracuda and we have had some issues, but for the most part it works pretty well. I've already created an AUP (Acceptable User Policy), SRP (Security Response Plan), BCP/DR (Business Continuity Plan and Data Recovery Plan), Removable Media Policy, Password Requirement Policy, and I just finished our TT&E guide which I referenced NIST 800-84 for a lot. Oh.. and I am the ONLY Security guy. I work closely with our Sr. IT Analyst as he is our "network" guy and we also have an SCCM guy that builds our images and pushes updates.

I would really appreciate any input you guys have to help me secure my network.

-L

Link to comment
Share on other sites

Hey Starphisher,

I was in the same boat as you, when i was working on my degree I got a job as the only security expert on staff at an organization. I learned pretty quickly that to be good at your job you needed to know the network like the back of your hand. You should know all of the infrastructure and how it works, also make sure it is updated regularly. Since you're just getting started I would suggest that you build a replica of their network in your own lab setting with some virtual machines so that you can have practice setting it up and gain knowledge on how it works. You should also know if your vendors have regular patch cycles like, Microsoft's patch tuesday, and then stay up-to-date on patching your machines.

I work as a developer now so I've been out of the IT side of things for a few years so I'm sure that someone else will have much more useful advice for you than I do. Once you get the hang of it and know your environment you will become more comfortable with, don't let it overwhelm you.

Edited by newbi3
Link to comment
Share on other sites

I've already created an AUP (Acceptable User Policy), SRP (Security Response Plan), BCP/DR (Business Continuity Plan and Data Recovery Plan), Removable Media Policy, Password Requirement Policy, and I just finished our TT&E guide which I referenced NIST 800-84 for a lot.

My advice to you would be to now test all these.

You have established personnel behaviour policies. Verify that it's being adhered to, find out ways people are (trying to) circumvent it, and how you can both get them to do things the right way and prevent them from doing it the wrong way as early on in the process as possible. Educate the staff on the rules, why they're required and how it's in their interest to follow them.

You've worked out how you should deal with business problems. Try testing them. See if the plan is being followed and that it does what you expect it to do. Refine, lather, rinse, repeat. Bring in an external auditor to go over things to make sure all bases are covered. Get someone to do a pen test.

Guides, policies and plans are only paper - make sure people know about what's in them, follow the regulations imposed on them and react as you scripted them to in specific situations.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...