Behind the Screens: Advanced Strategies for Insider Risk Prevention

Managing remote teams is more common than ever in today’s increasingly digital world. However, with this convenience comes a heightened risk of insider threats. There are recommended practices to mitigate these risks and protect your organization’s data. Techdeck.info shares some comprehensive strategies to help you achieve this goal (offering perspectives that differ from what normally appears on continualintegration.com):

Reinforce Robust Password Protocols

Enforcing strong password policies is vital to safeguarding your remote team.

Can Windows Systems Be More Secure than Linux?

Question
Can Windows systems be more secure than Linux?

Answer
Yes. One example is the OpenSSH vulnerability that was disclosed in July of 2024. OpenSSH users on Linux were susceptible to a bug.

…we have concluded that Windows installations are not vulnerable.

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

What Is The Command to Find What Version of SSH You Are Using?

Problem scenario
You are concerned you have an older, vulnerable version of OpenSSH. What command should you run to see what version you are using?

Solution
ssh -V

Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

Why Does Clicking on a Norton Link for Power Eraser Take You to a Bootable Recovery Option?

Problem scenario
You got an error message about needing Norton Power Eraser (and that a common reason for installation failure of Norton is an infected computer). You clicked on the link and got a message about a boot recovery application with an .iso file. What should you do, given that the link's destination does not seem to match the error message?

Solution
Ignore the link in the Norton app.

What Do You Do if Norton 360 Does Not Open?

Problem scenario
You double-click on Norton 360, and it does not launch. What should you do?

Possible solution #1
Update Norton 360 by downloading it and using the download manager to upgrade your installation.

Possible solution #2
Remove Norton 360 with Norton Remove and Uninstall Tool:
https://support.norton.com/sp/en/us/home/current/solutions/v60392881
The uninstallation process can take 20 to 25 minutes.

How Can You Find out if an FQDN, IP Address or Email Address Is That of a Spammer?

Problem scenario
You are not sure if an email address is associated with spam. Someone makes comments on your blog. You are not sure if they are legitimate comments or if it is someone trying to spam a website or create a message that is an advertisement. What should you do to check on the email address?

Solution
Try https://cleantalk.org/blacklists/

On cleantalk.org you can search for IP addresses,

How Do You Become the Root User when You Forgot the Root Password?

Problem scenario
You cannot use sudo because a relevant .so file has been deleted. You do not know the root password, and you are using Fedora. What should you do?

Solution
Change the root password with a bootable DVD or USB drive with the .iso of Fedora. Boot to the DVD or USB drive. Then use these directions.

How Do You Use Partitions on a Disk and Have Complete Disk Encryption with Ubuntu?

Problem scenario
You want your entire hard disk to have encryption. You want to install Ubuntu Linux with partitions. What do you do?

Solution
Follow these directions, but make sure the second partition (with GRUB) uses 80 MB. To do this, locate this command "sgdisk --new=2:0:+2M $DEV" here:
https://help.ubuntu.com/community/Full_Disk_Encryption_Howto_2019

When you get to that command,

How Do You Get Passwords to Expire for Existing Users?

Problem scenario
You want passwords to rotate periodically for all users. You modified the /etc/login.defs file, and new users are inheriting the password rotation policy. How can pre-existing accounts be forced to periodically change their password?

Solution
Use this command for every existing user (but replace "jdoe" with the user you want to change and replace "30" with the number of days you want the password to last before the user is forced to change it):

sudo chage -M 30 jdoe

# The user can still log in one more time after expiration. …