1. Improperly configured third-party websites pose security risks to internal assets
Implement IDS/IPS (to monitor and detect malicious traffic from external sources).
Implement IAM program (to enforce access management for third-party interactions).
Require two-factor authentication (to strengthen access control mechanisms).
2. A large volume of ICMP traffic is detected from an external source to Server2
Filter echo request replies (to block excessive ICMP traffic).
Implement IDS/IPS (to detect and alert anomalous ICMP activity).
Implement firewall rules (to restrict unnecessary ICMP traffic).
3. A large number of potentially malicious emails is reaching end-user and shared mailboxes
Implement mail filters (to block phishing or spam emails).
Implement SPF (to verify email sender authenticity).
Implement DLP (to prevent sensitive data from being leaked via email).
4. A list of patient prescription information was emailed to the incorrect recipient
Implement DLP (to detect and block unauthorized data sharing).
Implement email encryption (to secure email contents from unauthorized access).
Require data deidentification (to anonymize sensitive patient information).
5. The internet-facing web server allows access to data without requiring credentials
Require two-factor authentication (to secure access).
Implement IAM program (to enforce access control policies).
Implement web content filter (to restrict unauthorized access).
6. PHI data was found within the development and test environments
Require data deidentification (to anonymize PHI data in test environments).
Implement FDE on DB and file servers (to encrypt sensitive data).
Implement file integrity monitoring (to detect unauthorized changes).
7. Sensitive materials were found on a fax machine in a common area
Relocate devices to secured locations (to restrict physical access).
Implement PIN to print (to control access to printed materials).
Implement physical access controls (to secure the physical environment).
8. Unauthorized software was discovered on technician workstations
Implement approved software listing (to prevent unauthorized software installations).
Implement MDM solution (to monitor and control workstation configurations).
Implement file integrity monitoring (to detect unauthorized software changes).