Securing an environment, any environment, is daunting to most. When dealing with corporate networks, a layered approach is the most effective means of deterring threats.
2. Network access control
3. Spyware detection and prevention
4. Security and event log management
How one goes about dealing with each bullet above depends on manpower and available budgets. I have seen some firms spend millions to secure their environment but still remain vulnerable. I have also seen some try a total umbrella approach. Again, this was a failure. There is no magic bullet to enterprise security.
The best approach is to understand your environment, then talk to your peers about how they are securing their environments, and then formulate a plan that best fits you.
Securing any environment should be organic in nature. I strongly believe that enterprises are constantly growing and changing. Solutions you implement should also grow and change with your environment.
Here is a quick list to get started:
1. Inventory your whole environment. Know what hardware and software you have.
2. Have a base image for your desktop PCs and servers. This image should be secured.
3. Lock down your core/edge network. Lock all open/unused ports.
4. Conduct penetration tests. Conduct these tests frequently and when possible, have outside vendors conduct them for you.
5. Monitor and review your logs – all your logs – frequently.