Ungasabela kanjani ekuhlaselweni kwewebhu kuwebhusayithi yakho futhi uvikele ibhizinisi lakho eliku-inthanethi

  • Yenza kusebenze ukwesekwa kobuchwepheshe ngokushesha futhi uhlukanise isayithi ngekhasi lokulungisa elivikelekile.
  • Hlaziya ububanzi bokuhlasela, shintsha amagama ayimfihlo, futhi uqinise ukufinyelela ngezinyathelo ezithuthukile.
  • Sebenzisa izipele ezithembekile, i-WAF, nokuqeqeshwa kwe-cybersecurity kweqembu lonke.
  • Bhala izehlakalo futhi uthuthukise ngokuqhubekayo uhlelo lokuphendula ukuze unciphise ubungozi besikhathi esizayo.
Susana Maria Urbano MateosKubuyekezwe ngomhla ka-

Imizuzu ye-6

ukuhlaselwa kwewebhu

Akukhathalekile ukuthi ibhizinisi lethu eliku-inthanethi lincane noma likhulu, kuzohlala kunengozi ethile yokuthi sizohlupheka ukuhlaselwa kwewebhu ngabaduniIzigebengu ze-Cybercriminal zibheka kokubili ubungozi bobuchwepheshe nobuntu, futhi noma iyiphi isayithi egcina noma edlulisa idatha ingaba yimpokophelo. Yingakho kubalulekile ukwazi Ungasabela kanjani ekuhlaselweni kwewebhu futhi yiziphi izinyathelo okufanele uzilandele kusukela kusibonakaliso sokuqala kuya ekutholeni ngokugcwele.

Kubalulekile ukwaziswa ngakho Okufanele ukwenze uma lokhu kwenzeka kanye nendlela yokulungiselela kusengaphambili, okulandelayo Amathiphu okuthuthukisa ukuphepha kwewebhusayithi yakhongoba imizuzu yokuqala namahora ngemuva kwesigameko abalulekile ziqukethe umonakalo, vikela imininingwane y ukuthobela izibopho zomthethoUma lesi kuyisimo sakho, noma ufuna ukwazi ukuthi usabela kanjani uma kwenzeka, lapha uzothola umhlahlandlela ophelele futhi osebenzayo.

Izinyathelo zokuphendula ekuhlaselweni kwewebhu ekhasini lethu

Ungasabela kanjani ekuhlaselweni kwewebhu

Xhumana nabasebenzi bosekelo

Uma une iseva yakho Xhumana nethimba lakho lobunjiniyela bezinhlelo noma isikhulu se-cybersecurity (CISO, umlawuli wezinhlelo, njll.). Bazokwazi ukusingatha isimo futhi bazokwazi hlaziya izinkomba zobuchwepheshe zokuhlasela (izingodo, i-antivirus noma izexwayiso ze-EDR, imilayezo yewebhu, ukunensa kweseva okungajwayelekile) futhi izovula uhlelo lokuphendula ngesigameko Uma ikhona.

Uma ibhizinisi lakho lewebhu liku-a iseva yangaphandle noma uqashwe a umhlinzeki wokubambaThola inombolo yokwesekwa noma isiteshi bese uchaza isimo ngemininingwane eminingi ngangokunokwenzeka: lapho inkinga iqala, yimiphi imilayezo noma amaphutha avelayo, uma okuqukethwe kushintshile, futhi uma kukhona izexwayiso zokuphepha ezitholiwe. Bazokuqondisa ukuze uxazulule inkinga yakho futhi bangakwazi uku... hlukanisa indawo ethintekileBuyekeza izingqalasizinda zabo futhi, uma kufanele, uhlanganyele namanye amathimba akhethekile (isb., i-CERT yesithenjwa).

Qondisa kabusha ikhasi lakho ekhasini "lokulungisa".

Vimbela amakhasimende akho ukuthi angacabangi ukuthi ikhasi lakho linyamalele noma lifakwe ebucayini ngokubonisa okuqukethwe okunonya. Setha a ikhasi "lokulungisa" lesikhashana noma "lingaphansi kokulungiswa".Uhlale uxolisa ngokuphazamiseka futhi ubamema ukuthi babuye ngesinye isikhathi. Lokhu kuvikela isithombe somkhiqizo futhi kunciphisa ukuchayeka kwabasebenzisi kumaskripthi angaba khona, izibhengezo, noma ukuqondisa kabusha okujovwe umhlaseli.

Leli khasi lokulungisa kufanele libe lula, futhi libe mahhala ikhodi esolisayo futhi isingathwe endaweni ithimba lezobuchwepheshe eliqinisekise ukuthi ivikelekile. Ngaleso sikhathi, isayithi eliyinhloko lingakwazi ukuhlala lilodwa ukuze lihlaziywe ngenkathi lisazisa abasebenzisi ukuthi udaba luyalungiswa.

Hlola ukuthi ukhona yini umonakalo odalekile

Izikhathi eziningi ukuphela kwento abayifunayo kubaduni Kubandakanya ukuvela kumawebhusayithi abanye abantu, ukulungisa ikhasi eliyisiqalo, noma ukushiya imilayezo ebonakalayo (ukonakala). Nokho, kwezinye izimo eziningi umgomo uwukuthi untshontshe imininingwane, sebenzisa I-malware, kusetshenziswa iseva ekuhlaseleni izinkampani zangaphandle noma ukubethela idatha nge I-ransomwareNgakho-ke, kubalulekile ukuthi kubuyekezwe kahle ukuthi kube khona yini ukwebiwa noma ukulahleka kolwazi futhi kubhalwe phansi yonke into.

Kanye nethimba lakho lonjiniyela, buyekeza okulandelayo Izici ezibalulekile:

  • Ubuqotho befayela kusuka kusayithi (izinguquko ezingagunyaziwe, amafayela amasha asolisayo, imibhalo engaziwa).
  • Yolwazi: amatafula ashintshiwe, amarekhodi asusiwe noma athunyelwe, ukuba khona kwabasebenzisi abadalwe ngaphandle kokugunyazwa.
  • Ukungena okungajwayelekile: amakheli e-IP angaziwa, ukungena ngemvume kwangemva kwamahora, imizamo eminingi ehlulekile.
  • Ukutholakala Izinkinga zeseva: ukuhamba kancane okudlulele, ukuphahlazeka okuqhubekayo, noma ukusetshenziswa okungavamile kwensiza kungase kubonise ukuhlaselwa kokunqatshelwa kwesevisi noma ukuba khona kohlelo olungayilungele ikhompuyutha.

Lokhu kubuyekezwa kuzosebenza ku thola izinga langempela lesigamekoUkunquma ukuthi yimaphi amasistimu adinga ukubuyiselwa kuma-backups nokuthi iyiphi idatha okungenzeka ukuthi isengozini kubalulekile ekuxhumaneni namakhasimende futhi, lapho kufanele, neziphathimandla.

Shintsha wonke amaphasiwedi futhi uthole amaphrothokholi amasha

Uma iwebhusayithi yakho isilungisiwe futhi usongo luqukethwe, engeza ama-plugins ezokuphepha namaphasiwedi amasha Ukuze kuthi uma lowo owenze lokhu kuhlasela ephinda ezama, bazohlangabezana nezinyathelo ezizomvimba. Kuyanconywa:

  • Usar amaphasiwedi aqinile nangawodwana kusevisi ngayinye (iphaneli yokubamba, i-FTP/SFTP, isizindalwazi, i-CMS, i-imeyili, njll.).
  • Yenza kusebenze ukuqinisekiswa kwezinto eziningi (MFA) noma nini lapho kungenzeka, ikakhulukazi ezindaweni zokufinyelela ezibalulekile.
  • Buyekeza futhi ubeke umkhawulo izimvume zomsebenzisingokukhipha ama-akhawunti angadingekile noma amadala.
  • Buyekeza konke izandiso, izingqikithi, nezingxenye komphathi wokuqukethwe ukuvala ubungozi obaziwayo.

Ngokungeziwe ekushintsheni kokuqinisekisa, cabanga ukusebenzisa amathuluzi afana ne-a i-firewall yesicelo sewebhu (WAF)Amasistimu okuthola ukungena noma amasevisi okuqapha aqhubekayo, asiza ukuhlonza ukuziphatha okungaqondakali ezigabeni zokuqala zokuhlasela okungenzeka.

Thatha izinyathelo zokuvimbela ukuthi kungenzeki futhi

Njalo yiba ne- yenza isipele ikhasi lakho, kokubili amafayela kanye nesizindalwazi, futhi ifake izivumelwano zokuphepha ezifana Izitifiketi ze-SSL/TLS Ukubethela ezokuxhumana futhi ufake izixazululo ezahlukahlukene zokulwa namagciwane noma ezilwa nohlelo olungayilungele ikhompyutha kumakhompyutha aphethe isayithi, sungula inqubomgomo ecacile yabo bonke abasebenzi ukuze bagweme ukuvula amafayela asolisayo, ukuchofoza izixhumanisi ezingabazekayo, noma ukuhlinzeka ngemininingwane ngama-imeyili noma amafomu angaqinisekisiwe.

Futhi kuyancomeka:

  • chaza a uhlelo lokuphendula ngesigameko lokho okukhombisa ukuthi ubani owenza ini, ukuthi isigameko sibhalwe kanjani nokuthi ubani owaziswayo.
  • Qaphela ukuhlaziya ubungozi ukuhlola ngezikhathi ezithile noma ukuhlola ukungena ukuze kutholwe amaphutha ngaphambi kokuba abahlaseli bakwenze.
  • Yakha iqembu imikhuba emihle ye-cybersecurityngoba iphutha lomuntu livame ukuba yindawo yokungena yokuhlaselwa okuningi.
  • Linganisa ukuqashwa kwe umshuwalense wengozi ye-cyber kanye nezinsizakalo ezikhethekile zangaphandle zokuthola ukwesekwa kochwepheshe ngezikhathi ezibucayi.

Izingqinamba ze ukuhlaselwa nge-cyber Izingozi ziyancishiswa uma sinezinyathelo ezidingekayo zokuqinisekisa indawo evikelekile kanye nenhlangano esebenzayo. Khumbula ukuthi asifaki engozini ulwazi lwethu kuphela kodwa nolwamakhasimende ethu, ngakho-ke ukwenza ngokushesha, ukuthembela kochwepheshe, nokufunda esigamekweni ngasinye kubaluleka ekuvikeleni ukuqhubeka kwebhizinisi nesithunzi.

ukuphepha ekuhlaselweni kwewebhu

Ukuba nendlela ebanzi ehlanganisayo ukuvimbela, ukutholwa kusenesikhathi, impendulo ehlelekile kanye nokwenza ngcono okuqhubekayo Lokhu kuzokwenza ukuzama ukuhlasela ngakunye kungabi nomthelela futhi kuvumele iwebhusayithi yakho kanye ne-e-commerce ukuthi kuhlale kuyindawo ethembekile kubasebenzisi bakho.

Ukubaluleka kwe-HTTPS
I-athikili ehlobene:
Ukubaluleka kwezitifiketi ze-HTTPS neze-SSL ezitolo eziku-inthanethi