Nonprofit IT Security Readiness for 2017
TRANSCRIPT
Security Readiness Webinar Series
March 2017
About Community IT
Advancing mission through the effective use of technology.
100% Employee Owned
Presenter
Matthew Eshleman, CTO
Background Reading
• Co-sponsored Idealware Security Report in 2016
  • http://www.idealware.org/reports/nonprofits-need-know-security-practical-guide-managing-risk/
• Community IT Security Playbook
  • http://www.communityit.com/blog/security-playbook/
• Security webinars
  • http://www.communityit.com/resources/2016-jan-it-security-threats/
  • http://www.communityit.com/resources/webinar-february-18-2016-backups-and-disaster-recovery-for-nonprofits/
• 20 Critical Security Controls
  • https://citidc.sharepoint.com/sites/SecurityArchitecture/Shared%20Documents/Community%20IT%20Security%20Controls.docx?web=1
Current Landscape
• Increased sophistication in attacks
• Financially motivated hacking
• Credential trading
• Increased organization awareness of risks of security breach
• IT controls part of financial audit
• Complex security solution landscape
$1.2 Billion Paid in Ransomware - 2017
98% of Malware found on only 1 system
Build your own ransomware system for $400
Security Breaches to date
Brute Force Attacks
• Brute Force attacks via RDP
• Staff Accounts
• Service Accounts
Credential Theft
• W2 Scam
• Job Offer Scam
Compromised Partner
• Account for Network Service
• Account for printer
Security Awareness Training
• SANS Securing the Human – Resources
  1 – No Awareness Program
  2 – Compliance Focused
  3 – Promotes Awareness & Change
  4 – Long-Term Sustainment
  5 – Metrics Framework
• Focus Security Training
• Use Likelihood x Impact to identify biggest risks
Best Practices
• Password Policy
  • 8 characters minimum
  • 90 day age
  • Account lockout after 5 failed attempts, 10 min reset
  • 2FA for Cloud
• SSO for Cloud Applications
• Rename Admin Account
• Complex Service Account Passwords
• Disable inactive & unused accounts
• Remote access
  • Enable NLA for RDP
  • Restricted Access for Server Admin RDP
  • RDP behind Firewall/RD Gateway
  • Direct Access/VPN
  • Go Cloud
• Security Awareness Training for Staff
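The lockout rule from the password policy above, replayed over a constructed logon log, as an added example (not code from the webinar or from Community IT): the 5-attempt threshold and 10-minute reset window are the slide's values; the lockout duration, the log format and the account and address names are assumptions.

```python
from datetime import datetime, timedelta

# Policy values from the slide: lock out after 5 failed attempts, reset the failure counter
# 10 minutes after the last failure. The lockout length is not on the slide; 10 min assumed.
THRESHOLD = 5
RESET_WINDOW = timedelta(minutes=10)
LOCKOUT_DURATION = timedelta(minutes=10)

class LockoutPolicy:
    def __init__(self, threshold=THRESHOLD, reset=RESET_WINDOW, lockout=LOCKOUT_DURATION):
        self.threshold, self.reset, self.lockout = threshold, reset, lockout
        self.failures = {}      # account -> (failed count, time of last failure)
        self.locked_until = {}  # account -> time the lockout expires

    def attempt(self, account, success, when):
        # Returns 'allowed', 'denied' (bad password) or 'locked' (account locked out).
        until = self.locked_until.get(account)
        if until is not None and when < until:
            return "locked"      # still locked, even if the password is now correct
        if success:
            self.failures.pop(account, None)
            return "allowed"
        count, last = self.failures.get(account, (0, when))
        if when - last > self.reset:
            count = 0            # last failure is older than the reset window
        count += 1
        self.failures[account] = (count, when)
        if count >= self.threshold:
            self.locked_until[account] = when + self.lockout
            self.failures.pop(account, None)
            return "locked"
        return "denied"

# Constructed sample log (not real data): timestamp, account, source address, result.
SAMPLE_LOG = """\
2017-03-01T09:00:00 svc-backup 203.0.113.7 FAIL
2017-03-01T09:00:01 svc-backup 203.0.113.7 FAIL
2017-03-01T09:00:02 svc-backup 203.0.113.7 FAIL
2017-03-01T09:00:03 svc-backup 203.0.113.7 FAIL
2017-03-01T09:00:04 svc-backup 203.0.113.7 FAIL
2017-03-01T09:05:00 svc-backup 203.0.113.7 OK
2017-03-01T09:06:00 alice 192.0.2.10 FAIL
2017-03-01T09:06:10 alice 192.0.2.10 OK
2017-03-01T09:15:00 svc-backup 192.0.2.20 OK
"""

def replay(log=SAMPLE_LOG, policy=None):
    policy = policy or LockoutPolicy()  # one policy instance tracks state across lines
    return [(acct, src, policy.attempt(acct, res == "OK", datetime.fromisoformat(ts)))
            for ts, acct, src, res in (line.split() for line in log.splitlines())]
```

The fifth failure against the service account locks it, the correct password at 09:05 is still refused, and the account is usable again once the lockout has expired; the staff account with a single typo is never locked.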
Community IT Security Toolkit
• Windows and 3rd Party Patching
• Barracuda Email Security
• Webroot AntiVirus
• 3rd Party Malware Scanner with Autoremediation
• Reporting in LabTech
• Active Directory Password Age
• Active Directory Privileged User Report
• Successful Logon with Geolocation
• Crowdstrike Falcon Host with Overwatch
• Security Awareness Training
  • Phishing test
  • Online learning
Upcoming Webinar
Single Sign On (SSO): Wednesday April 19, 4:00 – 5:00 PM EST