Kent J. Chen's WebLog

...information technology, internet, and random thoughts

Top 10 Security Mistakes

As an IT Pro, it is never enough to know what matters for security in your organization, and it is never too late to start learning about what you have not been aware of. Most important of all, it never ends: you will never be able to get rid of it unless you want to quit. Here is a summary of Top 10 Security Mistakes, a nice post on the Canadian IT Professional Blog a few months back.

1. Password Management - Issues include poor password policies or enforcement of those policies, re-use of passwords, and password storage.

2. Patches and Upgrades - Issues here include no inventory (how do you know what to patch?), no reporting on the status of patch deployment, legacy applications that are no longer patched, and the "deploy and forget" methodology of software deployment.

3. NTFS and Share Permissions - Remember that permissions are cumulative (except that Deny always wins); never grant permissions directly to users, always use groups; install Windows 2003 fresh rather than upgrading, and use security templates and GPOs to set and maintain security.  Everyone having Full Control everywhere is never good; remember that Anonymous is part of Everyone!
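To make the rules in item 3 concrete, here is a small Python model (added here; it is not code from the post or from the blog it summarises) of how Windows works out what a user can do through a share: Allow entries accumulate across all of the user's groups, a matching Deny strips those rights, and the share ACL and NTFS ACL are intersected so the more restrictive one wins. The right names, group names and users are constructed sample data, not real ACL syntax.

```python
"""Model of how Windows combines share and NTFS permissions.

Rules modelled (standard Windows behaviour, simplified):
  * Within one ACL, Allow entries are cumulative across all of a user's groups.
  * Any Deny entry that matches the user removes those rights (Deny wins).
  * Access over a share is the intersection of the share ACL and the NTFS ACL.
Right names, group names and users below are constructed sample data.
"""
from dataclasses import dataclass

FULL = frozenset({"read", "write", "delete", "change_perms"})  # "Full Control"


@dataclass(frozen=True)
class Ace:
    trustee: str        # user or group name the entry applies to
    kind: str           # "allow" or "deny"
    rights: frozenset   # subset of FULL


def principals_for(user: str, membership: dict) -> set:
    """Every name an ACE can match for this user: the user, its groups, Everyone."""
    return {user, "Everyone"} | set(membership.get(user, set()))


def effective_in_acl(acl: list, principals: set) -> frozenset:
    """Cumulative Allow minus any matching Deny, within a single ACL."""
    allowed, denied = set(), set()
    for ace in acl:
        if ace.trustee not in principals:
            continue
        (allowed if ace.kind == "allow" else denied).update(ace.rights)
    return frozenset(allowed - denied)


def effective_over_share(user: str, membership: dict, share_acl: list, ntfs_acl: list) -> frozenset:
    """What the user can actually do when reaching the folder through the share."""
    p = principals_for(user, membership)
    return effective_in_acl(share_acl, p) & effective_in_acl(ntfs_acl, p)


# Constructed sample: the share is wide open, the NTFS ACL does the real work.
MEMBERSHIP = {"alice": {"Finance", "Contractors"}, "bob": {"Finance"}, "carol": set()}
SHARE_ACL = [Ace("Everyone", "allow", FULL)]
NTFS_ACL = [
    Ace("Finance", "allow", frozenset({"read", "write"})),
    Ace("Contractors", "deny", frozenset({"write", "delete"})),  # Deny wins over Finance's write
    Ace("Domain Admins", "allow", FULL),
]

if __name__ == "__main__":
    for who in ("alice", "bob", "carol"):
        print(who, sorted(effective_over_share(who, MEMBERSHIP, SHARE_ACL, NTFS_ACL)))
```

Note that carol (a member of nothing but Everyone) gets no access despite the share granting Everyone Full Control; adding the same Everyone entry to the NTFS ACL would open the folder to every account, which is the mistake the item warns about.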

4. Too Much Privilege - Always follow the rule of least privilege!  And never use a domain or enterprise admin account to run services.

5. Administrative Practices - NEVER use a domain or enterprise admin account for your day-to-day activities, and don't use those accounts to log in from a standard workstation. (In my own practice, bad, I haven't started using this principle that I have known for years.)

6. Unused Services - needless to say, removing unnecessary services will reduce the attack surface.

7. Auditing and Logging - Auditing is crucial, but it is also important to audit only what is important. (That is something I really need to focus on, really.)

8. Backups - Always test your DR plan as well as your recovery procedures. And remember that backups are only part of your DR plan.

9. Security Education - It's a key to a secure environment.

10. Incident Response - NEVER touch the compromised computer, delete any files, or do anything without the approval of your security officer.  Doing so could destroy the evidence needed to determine what happened and how to prevent it from happening again.


Posted on Sunday, September 02, 2007 1:10 AM | Filed Under [ Security ]

Feedback

# re: Top 10 Security Mistakes

Nice post
9/13/2007 8:44 AM | Tester
