Kaspersky Machine Learning for Anomaly Detection

Security recommendations

To ensure secure operation of Kaspersky MLAD at an enterprise, it is recommended to restrict and control access to equipment on which the application is running.

Physical security of equipment

When deploying Kaspersky MLAD, it is recommended to take the following measures to ensure secure operations:

  • Restrict access to the room housing the server with Kaspersky MLAD installed, and to the equipment of the dedicated network. Access to the room must be granted only to trusted persons, such as personnel who are authorized to install and configure the application.
  • Employ technical resources or a security service to monitor physical access to equipment on which the application is running.
  • Use security alarm equipment to monitor access to restricted rooms.
  • Conduct video surveillance in restricted rooms.

Information security

Important! ML model parameters directly impact the detection of anomalies; therefore, they can be changed only by Kaspersky MLAD administrators. The date of the last modification to the ML model (activation, or change of the name, threshold MSE value or MSE weights) is available in the Models section. The change history is available only in logs, which are saved for only a limited amount of time.

When using the web interface, it is recommended to also take the following measures to ensure the data security of the intranet system:

  • Provide users with access to the application through the web interface only.
  • Install certificates on users' computers so that their browsers can authorize the Kaspersky MLAD server. To use a trusted certificate, you need to contact your administrator.
  • Ensure protection of traffic within the intranet system.
  • Ensure protection of connections to external networks.
  • For connections through the web interface, use passwords that contain at least 8 characters, including letters and numerals. Ensure that passwords are confidential and unique. If a password has been potentially compromised, change the password (in the current version of the application, only an administrator can change a password).
  • Set a time limit for a user web session.
  • After you are finished working in the browser, manually terminate the application connection session using the Sign out option in the web interface.
  • Periodically install updates for the operating system on the server where Kaspersky MLAD is deployed.
  • Use access permission control to restrict user access to application functions.

Data security

While working with Kaspersky MLAD, it is recommended to also take the following measures to ensure data security:

  • Perform periodic data backups of the server on which Kaspersky MLAD is installed, in accordance with the internal company procedure.
  • Periodically test the performance of the interface and services of the application. Special attention should be directed to the notification service and logging system.
  • Check communication channels to make sure they are secure and working properly.
  • Periodically test the performance of the server:
    • SMART disk check
    • Availability of sufficient free space and memory
    • RAM utilization
  • Use the monitoring system to make sure that there are no problems with the server protocols.
  • Store the activation code and sensitive data in a secure storage location.