With our Summer Secure series on LinkedIn, all summer long, we've been sharing weekly tips on how to reduce risks and protect your information system (IS). If you missed them, here's a summary of the 8 key tips.
1. Apply least privilege
- Each user must have only the rights required for their role.
- Too many privileges = too many doors open to cybercriminals.
- IAM tools and regular audits help CISOs to gain better control.
👉 A regular review of permissions helps reduce the attack surface.
2. Activate MFA: over 99% of compromises avoided
According to Microsoft, multi-factor authentication prevents over 99% of account compromise attacks.
Password stolen? Access remains blocked. Authenticator, push notification or physical key: there are different methods, each with its own advantages.
👉 Deploying MFA strengthens security.
3. Encrypt your sensitive data
Sharing a confidential file without protection, using a personal cloud, storing data in the clear... all mistakes that can be avoided.
- Use secure, validated solutions (Tresorit, OneDrive for Business, in-house tools, etc.).
- Encrypt your documents before sharing them.
- Limit access and expire unnecessary rights.
- Ban "quick" shares made outside the approved framework.
👉 Data encryption is an essential safeguard against intrusion.
4. Say goodbye to weak passwords
"123456", "azerty", "admin": these passwords are still all too common in mission-critical environments.
The solution? An enterprise password vault (KeePass, Bitwarden...) to generate, encrypt and share passwords securely.
A compromised password can be enough to open the doors of your infrastructure.
Hence the importance of a corporate password vault, which allows you to:
- Generate unique and complex passwords.
- Encrypt and centralize sensitive access.
- Share access in a controlled way.
👉 Simplifying password management encourages more secure use.
5. Respond quickly to cyber incidents
A dubious click, a suspicious file, a workstation behaving strangely?
The golden rule: it's better to deal with a false positive than to ignore a real attack.
The right reflexes when in doubt about a security incident:
- Do not minimize an alert.
- Immediately notify IT, the CISO or your cybersecurity service provider.
- Disconnect the workstation concerned from the network, but do not switch it off.
- Document what you've observed (time, actions, etc.).
Prevention means adopting the right reflexes and making sure all employees know what to do, but it also involves anticipation. Having a disaster recovery plan (DRP) or business continuity plan (BCP) in place helps to limit the impact and ensure a rapid resumption of business.
👉 Time is always against victims of cyber attacks. Reacting early limits the impact.
6. Secure your cloud migrations
The cloud is not just an infrastructure: it's an opportunity to rethink your practices.
Here are a few best practices to incorporate into your approach right from the start:
- Define a clear governance model right from the planning stage.
- Apply the principle of least privilege to user and service access.
- Segment your environments (prod / test / dev) to avoid cross-configuration errors.
- Automate deployment and security rules (Infrastructure as Code, policies, alerts).
- Encrypt data at rest and in transit, systematically.
- Integrate continuous supervision: logging, anomaly detection, regular auditing.
👉 A controlled cloud = a resilient, secure architecture.
7. Delete inactive accounts
Every dormant account is a needless entry point for an attacker. It's unnecessary attack surface, often overlooked, but frequently exploited in intrusions.
So remember to:
- Deactivate inactive accounts after a certain time.
- Systematically decommission accounts when employees leave (departure, end of assignment, etc.).
- Automate procedures for deactivating obsolete accounts.
- Carry out regular access reviews.
👉 One inactive account removed = one less vulnerability.
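The checks listed above can be automated against an identity export. The following is an added example, not AlgoSecure's code: the CSV column names, the sample rows and the 90-day idle threshold are all assumptions made for illustration.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample export; column names are hypothetical.
SAMPLE_EXPORT = """\
account,type,enabled,last_login,hr_status
a.martin,user,true,2025-08-28,active
b.durand,user,true,2025-03-02,active
c.petit,user,true,2025-08-30,departed
svc-backup,service,true,,active
d.roux,user,false,2024-11-15,departed
e.noel,user,true,2025-06-10,active
"""

def review_accounts(export_text, today, max_idle_days=90):
    """Return {account: (action, reason)} for enabled accounts needing attention."""
    cutoff = today - timedelta(days=max_idle_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["enabled"].strip().lower() != "true":
            continue  # already deactivated, nothing to do
        name = row["account"]
        last = row["last_login"].strip()
        if row["hr_status"].strip().lower() == "departed":
            # Offboarding gap: the owner left but the account still works.
            findings[name] = ("disable", "owner departed, account still enabled")
        elif not last:
            # No recorded login: service accounts go to their owner for review
            # instead of being cut blindly, which could break a scheduled job.
            action = "review" if row["type"] == "service" else "disable"
            findings[name] = (action, "no recorded login")
        elif date.fromisoformat(last) < cutoff:
            idle = (today - date.fromisoformat(last)).days
            findings[name] = ("disable", f"idle for {idle} days")
    return findings

if __name__ == "__main__":
    for account, (action, reason) in review_accounts(
        SAMPLE_EXPORT, date(2025, 9, 1)
    ).items():
        print(f"{action.upper():8} {account}: {reason}")
```

Run on a schedule, the output feeds both the automated deactivation step and the periodic access review.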
8. Get visibility into your exposed assets
Business applications, test servers, forgotten databases... every forgotten asset is an entry point for an attacker. Every unidentified asset is a potential vulnerability. And to keep control, you have to see what the attacker sees.
- Benefit from complete coverage of your exposure surface.
- Ensure continuous monitoring of your exposed assets.
- Obtain contextualized interpretations of alerts.
- Prioritize actions according to the actual criticality of the risks detected.
This is precisely the role of AlgoLighthouse, our managed external attack surface management service (EASM).
👉 No security without visibility.