Index
Carlos Silva)

Carlos Silva

IT Principal Security Engineer

How can you protect your company against cybercriminals if you don’t know where your vulnerabilities are?

With threats constantly emerging, regular IT security checks are critical to the health of waste and recycling management companies. How can you protect your company against cybercriminals if you don’t know where your vulnerabilities are? With threats constantly emerging, regular IT security checks are critical to the health of waste and recycling management companies.

Whether your infrastructure is on-premise or on the cloud, you have security responsibilities not only to your company but also to your clients for the protection of their data. You’re expected to keep up with constant updates and patches for all the different systems and software being used.

Failure to carry out regular security checks, find flaws and take action enable attackers to exploit vulnerabilities at all layers. The keyword here is ‘regular’. Annual security checks are really only doing the bare minimum. The bare minimum still puts you at risk. It’s worth noting that the average cost of downtime due to ransomware attacks in 2020 hit over $275,000 U.S. Few waste and recycling management companies can afford that.

Some companies perform security checks once a month. Others, quarterly. The more on top of your security you are, the better your cyber resiliency.

The debate raging between on-premises security versus cloud security is misguided. Both require security overhead for you to manage, so it comes back to you and what you’re willing or able to do. Where cloud platforms have an advantage is that some of the overhead is removed from you and taken on by your cloud provider.

We’ve put together this security checklist to help you increase your security posture and lessen your risk. There’s no better time than now to use it.

WASTE & RECYCLING MANAGEMENT CHECKLIST

Yes

No

1. Educate your team and users

Create a Basic Program for Awareness.

To be effective, your program will need employee buy-in. Get them to understand the consequences of failing to think before they click. Design hands-on activities that demonstrate, for example, the damage a link within an email can do when it’s infected with malware.

[]

[]

2. Implement an audit on IT processes

Where are the vulnerabilities in your security?

An audit enables you to uncover your weak spots, assess your ability to deflect attacks and test your cyber resiliency. You should also talk to employees as part of the process to find out if they’re adhering to company policy. Finally, take immediate action based on your findings, whether that’s addressing specific security issues or upgrading technologies.

Note: This is also the ideal time to ensure you’re compliant with data security laws.

[]

[]

3. Undertake a Patch Management Program

An astonishing 57% of cyberattack victims admit they could have prevented the breach by installing an available patch, according to a 2018 report by the Poneman Institute.

A mature security framework depends on fast application of patches. The longer you wait, the longer the door is left open for bad actors. You’ll need to inventory all hardware and software. The patching process involves not only your servers, but also endpoint devices.

Your Patch Management Program should include WSUS (Windows Server Updates Services), which allows companies to selectively approve updates, choose when they’re delivered, and determine which individual devices or groups of devices receive them. Microsoft’s SMS for Patch Management is another excellent resource.

[]

[]

4. Implement log monitoring

Improving incident response requires your log files. These are indispensable to properly troubleshooting application and system problems. Log monitoring software evaluates log events as they’re being recorded. Software isn’t absolutely necessary, but with many reliable solutions available, it makes the process more efficient. You can also configure alerts that notify you in real-time of incidents. You can undertake analysis immediately and get to the root of the problem faster.

[]

[]

5.  Fulfil a Vulnerability Management Program

Multiple compliance, audit and risk management frameworks now require a Vulnerability Management Program. Part of your program will include reporting on the state of your network assets. Use a reputable vulnerability scanner for this.

Discovering how exploitable your system is provides the intelligence to help you find the right balance between patching vulnerabilities and interrupting your company’s operations.

[]

[]

6. Implement Strong Authentication

Single-factor authentication – requiring only a username and password – is a low-security method and common vulnerability. Consider multi-factor authentication, or 2FA (two-factor authentication), to add an additional layer of security, which should be done at the very least.

Identity-based authentication is the preferred route to secure your cyberinfrastructure, but if you’re using legacy systems with outdated hardware and software, this won’t be possible. Identity-based authentication – as it applies to Microsoft Azure cloud – offers mature capabilities for secret rotation, lifecycle management, administrative delegation, and more.

[]

[]

7. Segment your network

Take an architectural approach and segment your network into smaller subnets, with each performing as its own network. Subnets use IP addresses to partition a network and define the subnet and devices inside those networks. You control the traffic flow between these subnets to protect assets, preventing unauthorised users from entering. By creating a layer of separation between servers, you can also minimise damage if there is a breach. If one network is compromised, network segmentation gives you time to respond before the attacker can reach another network.

[]

[]

 8. Use a Zero-Trust Network strategy

Trust no one – not even colleagues already inside the network perimeter. This is the premise behind a Zero Trust strategy, which involves creating microperimeters of control around critical data. By leveraging network segmentation to prevent lateral movement, the attacker’s efforts that went into breaching the network in the first place are wasted.

Zero Trust assumes that everything, from the device to the connection – even the user – is already compromised. This is not a specific technology. It’s strategy, and it needs to be part of your network segmentation architecture. Don’t neglect to apply Zero Trust to every endpoint device.

[]

[]

9. Migrate to Software as a Service (SaaS)

Working on the cloud does not reduce threats, but it does reduce your burdens in managing security. The provider takes away some of the responsibility for protecting your application server and systems, and that’s a good thing when you already have enough to do.

AMCS Platform, designed specifically for the waste and recycling management industry, is the best-in-class ERP leveraged on Microsoft Azure.

This is an important point, because Microsoft Azure benefits from over £1 billion spent annually on security. It offers a level of protection that would be next to impossible to implement on-site.

[]

[]

Must read, must watch

2021 needs to be the year for cybersecurity readiness. Read our blogs and watch the AMCS Security webinar in partnership with Microsoft.

Watch the Cyber Security in the Cloud Webinar on-demand

Share this on:
scale your business with performance sustainability

Let AMCS show you how to optimize for efficiency, increase your profits, and grow your business.

Ensuring cyber security in the cloud

Safeguard your waste and recycling business with expert cyber security solutions

webinar on demand: AMCS Platform overview

This webinar gives an introductory overview of AMCS Platform, the end-to-end cloud solution allowing for full visibility into your operations.