Re: oldie but goldie
Quite, it's amazing how often the basics are overlooked.
Too many breaches are down to the basics being messed as opposed to some amazingly complex hack, three simple rules to avoid the majority of problems -
1. It better to have an outage due to a patch than pay the fine for a data breach.
2. Trust nothing your systems are given until you've validated it on your systems.
3. Start by denying access then give when it's needed and revoking once it's no longer needed.