Sophos Security Advice for Cyberoam Customers
Many companies continue to enable their employees to work remotely. Sophos would like to remind Cyberoam customers of some security best practices.
Cyberoam appliances come with a default admin password to use when you first set them up. You must change this password to something new and unique for each appliance.
Pick proper passwords – never use anything that is easy to guess such as your company name, a nickname or an everyday word. Try mixing up uppercase and lowercase letters, punctuation and digits, and go as long as you can. Aim for 14 characters or more if possible.
Never use the same password on more than one appliance, or even on more than one account. Consider using a password manager to make it easy to choose complex, different passwords every time.
Educate your end users to pick proper passwords, too. Wherever possible, use One Time Passwords (OTP) or Multi-Factor Authentication (MFA) for additional security.
For a quick video on password tips, please view https://nakedsecurity.sophos.com/2014/10/01/how-to-pick-a-proper-password/
WAN and VPN Zone
Reduce what is called your “attack surface.” Don’t expose any services in the WAN and VPN zone unless needed.
Turn off the HTTPS admin services if you are not using them. If you must enable the HTTPS admin services in the WAN zone, ensure that they are IP restricted. Deactivate the User Portal service if you are not using it.
Maintenance Releases (MRs), Patches and Hotfixes
Install the latest Cyberoam MRs as quickly as you can so you are not running outdated firmware. Enable the Over-the-air Hotfix feature on your Cyberoam appliance so you have the most up-to-date protection.
Apply the latest patches for the operating systems and software applications you use. Most modern operating systems, security software and productivity apps can install updates automatically, so use these auto-update features if you can.
Create a regular patching routine and stick to it, so you know you are always up to date and protected against the latest known vulnerabilities.
Create security guidelines for your employees that are easy to understand. Not all employees are security experts, but helpful tips about passwords, how to spot phishing emails, and how to browse safely will go a long way towards protecting your organization.
If you have any questions about security best practices, please reach out to your partner or Sophos representative.
Your Sophos Team