For several months, my manager and I have been working hard on the security of our information system (IS).

The company already had a basic grasp of cybersecurity, without being insecure either. We had proper password management, a firewall blocking all unauthorised requests, occasional user training, among other things.

However, since standards evolve, we have relied on the guidance published by ANSSI (the French national cybersecurity agency) to improve our security.

Over several months, in coordination with the manager, we drew up a PSSI (information system security policy) and an IT charter.

We used various ANSSI methods to identify our critical assets and our risks, and thus to define a number of actions to implement in order to make the IS a little safer.

One of the main security measures put in place concerns user training. From now on, every new arrival receives roughly an hour of training in good security practices, what they must not do, and how to contact the IT department. This training is constantly evolving and is reviewed regularly to incorporate ANSSI's updates.

The second measure being implemented concerns the network: better isolation of flows, and the implementation of a double airlock (DMZ) setup, then a triple one in a second phase. Password management has also been reviewed, and two-factor authentication has been introduced. Finally, a central log collector (log sink) has been set up, and a SIEM is being deployed.

I am not going to dwell on the measures put in place, not only because it would take too long (more than 100 measures were identified), but also so as not to compromise the security of my company's IS.

Categories: Security