Proper maintenance of computer security can help reveal where there are weaknesses in your security implementation so you can strengthen security and thus help to prevent attacks. For a computer support technician, troubleshooting security usually means responding to user complaints that they are unable to access resources because security is too tight. As a computer support professional, you might have direct responsibility for security maintenance and troubleshooting, or you might be charged with identifying issues and escalating them to a dedicated security support team.
There are some general steps you can take to maintain security and to troubleshoot security problems.
- Do walkarounds to check the status of physical access controls such as fences, security doors, parking lot lights, and cameras. Be sure intruders cannot easily access key equipment items such as network cables, routers, and switches.
- Review security videos regularly.
- Implement auditing on key systems and review the audit logs regularly. Investigate or report any unusual events.
- Work with your security vendor to make sure all physical security devices such as biometric controls are properly calibrated and functional.
- Review corporate security policies and verify that your systems are in compliance. Post the policies where users can access them. Make sure users know how to report security incidents if they do occur.
- Hire a consulting company to perform an occasional security audit to evaluate your current security systems and make recommendations for improvements.
- Some companies might undertake staged attacks to determine where an attacker might penetrate security holes.
- If a user cannot access websites, make sure the browser’s security settings are not too restrictive.
- If the user cannot access the contents of ﬁles, check the ﬁle permissions for the user and any groups the user belongs to. Also see if the ﬁle is encrypted; ask the ﬁle owner or an encryption recovery agent to open and decrypt the ﬁle.
- If the user cannot access network resources, check share permissions on folders and print permissions on printers for the user and any group the user belongs to. Check the local NTFS permissions for ﬁles and folders as well; when share and ﬁle system permissions combine, the most restrictive permission applies.
- If a user cannot log on using a biometric device, you might need assistance from the system vendor to resolve the problem.
- Train users to recognize possible social engineering attacks and hoaxes so that they can deﬂect these attacks in progress and report them for further investigation.
- If a user cannot access data outside the company, you might need to open ports on a ﬁrewall.
User awareness and education:
User education and awareness is a key step in securing systems and data. Users must be able to recognize possible threats and take proper actions to report them.