Security as a Side Effect: Practical Examples

TL;DR

Security as a side effect means improving your cyber security without making it the primary goal of your changes. You achieve better protection by doing things that are good for other reasons – performance, reliability, usability – and which *incidentally* boost your security posture. This guide shows how.

Improving Security Without Trying: Practical Examples

1. Automated Backups
   • Why it helps security: If ransomware hits or a server fails, backups are your fastest recovery route. They limit the impact of attacks and reduce pressure to pay ransoms.
   • How to implement: Use tools like rsync (Linux/macOS) or Windows Server Backup. Schedule regular, offsite copies.

     rsync -avz /path/to/data user@backup_server:/path/to/backup_destination

2. Regular Software Updates
   • Why it helps security: Patches fix known vulnerabilities. Outdated software is a major entry point for attackers.
   • How to implement: Enable automatic updates where possible (e.g., Windows Update, macOS System Preferences). For servers, use package managers:

     sudo apt update && sudo apt upgrade -y

     (Debian/Ubuntu) or yum update -y (CentOS/RHEL).

3. Principle of Least Privilege
   • Why it helps security: Limiting user access means even if an account is compromised, the attacker can’t do much.
   • How to implement: Don’t give everyone admin rights! Create separate accounts for different tasks. On Linux:

     sudo adduser newuser

     sudo usermod -aG groupname username

     (Add user to a specific group).

4. Input Validation
   • Why it helps security: Prevents attackers from injecting malicious code (like SQL injection) through forms or data entry fields.
   • How to implement: Sanitize all user input before using it in queries or displaying it on your website. Example PHP:

     $safe_input = htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8');

5. Network Segmentation
   • Why it helps security: Isolating different parts of your network limits the spread of attacks. If one segment is compromised, others remain safe.
   • How to implement: Use VLANs (Virtual LANs) or firewalls to create separate networks for different departments or functions.
6. Monitoring and Logging
   • Why it helps security: Detects unusual activity that might indicate an attack. Logs provide evidence for investigations.
   • How to implement: Use tools like auditd (Linux) or Windows Event Viewer. Centralize logs with a SIEM (Security Information and Event Management) system.

     sudo auditctl -w /path/to/important_file -p wa -k important_changes

7. Using HTTPS
   • Why it helps security: Encrypts communication between your website and users, protecting sensitive data like passwords.
   • How to implement: Obtain an SSL/TLS certificate (Let’s Encrypt is free) and configure your web server to use HTTPS.

The key takeaway is that many good IT practices have positive security implications. Focus on building a reliable, well-managed system, and you’ll naturally improve your cyber security.