Affordability and cost
Implementing network security and backups can be daunting because of the price and confusing because of the technology. However, it is essential to invest both the time and money to understand and implement a secure system. While doing so may be costly, the alternative is living with the risk that the data or network could be compromised or destroyed at any time. The cost of a secure network needs to be weighed against the cost of a data breach or corruption, and its impact on the company. With the vast array of networking tools and services available, it is also possible to develop a secure network on a budget. IT professionals are trained to keep cost in mind when recommending and building networks.
Defense-in-depth approach to protecting a network and information
Defense-in-depth is a framework to secure portions of an enterprise that require safeguarding. Because it can be expensive to implement, it is best used only for assets that require security. Evaluating assets’ worth to the organization is an important initial step in developing a defense-in-depth strategy. This method of data protection must follow business rules and allocate the defenses in the most efficient manner possible.
The worst time to realize you don’t have a backup of important data is when you need it the most. There are countless examples of small, medium, and even large companies disappearing overnight because crucial data was corrupted and no backup was in place. This isn’t always the result of a virus or attack; if a system drive fails and data is corrupted, the only possible way to recover it is to have a properly tested and working backup of the data.
Disaster recovery and response strategy
While attack prevention is important, being prepared to respond in the event of a successful attack is equally essential. A policy should be created that defines the specific tasks and roles for the identification, remediation, damage assessment, and recovery of any affected network devices and information. Following any attack, the company and network security policies should be updated with prevention strategies to keep similar attacks from succeeding again.
Basic network security requirements
A protected wired network is essential for maintaining information security. Each computer connected to the network needs antivirus software installed, along with the latest software updates. Firewalls must be active, and regular scans should be run to ensure protection. Frequent monitoring of the network and system logs for possible vulnerabilities is equally important. The network administrator should consistently check for software upgrades and patches to protect against potential threats.
Basic wireless security requirements for any company
While a wireless connection has several vulnerabilities, they can be minimized by taking the proper precautions. When setting up the wireless network and any additional access points, the SSID should be made invisible to prevent unwanted users from viewing it in a list of possible connections. The signal strength of these access points should be reduced so that coverage extends only as far as the building requires. A strong password combining upper-case and lower-case letters, symbols, and numbers should be used along with WPA2 encryption. While WEP encryption is commonly used, it has been proven to be easily cracked. During the initial setup of the wireless network, it is important to disable remote administration, as this can allow an outside user to alter settings and gain access. It is also important to change the default password when setting up the access point; otherwise it can be easily hacked. Another way to further secure the wireless network is to use MAC address filtering and add a list of specific accepted users to the network.
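The checklist above can be checked mechanically against an access point's configuration. The following is an added example, not part of the original article: it assumes the settings are in hostapd-style `key=value` form (the article names no access point software), and both sample configurations are constructed.

```python
import string

# Constructed hostapd-style settings (sample data; the article names no AP software).
WEAK_AP = """\
ssid=OfficeWiFi
ignore_broadcast_ssid=0
wep_default_key=0
wep_key0=1234567890
"""
HARDENED_AP = """\
ssid=OfficeWiFi
ignore_broadcast_ssid=1
wpa=2
wpa_passphrase=T4ll-Gr33n!Ladder
macaddr_acl=1
"""
CLASSES = {"upper-case": string.ascii_uppercase, "lower-case": string.ascii_lowercase,
           "number": string.digits, "symbol": string.punctuation}

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def missing_classes(passphrase):
    """Character classes named in the article that the passphrase lacks."""
    return [n for n, chars in CLASSES.items() if not any(c in chars for c in passphrase)]

def audit(text):
    """Return findings against the article's wireless checklist (empty list = pass)."""
    conf, findings = parse_conf(text), []
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("SSID is broadcast")
    if any(key.startswith("wep_") for key in conf):
        findings.append("WEP is configured")
    if conf.get("wpa") != "2":
        findings.append("WPA2-only mode is not set")
    lacking = missing_classes(conf.get("wpa_passphrase", ""))
    if lacking:
        findings.append("passphrase lacks: " + ", ".join(lacking))
    if conf.get("macaddr_acl", "0") != "1":
        findings.append("MAC address filtering is off")
    return findings
```

Of these checks, WPA2 with a strong passphrase is the one that stops a determined attacker; a hidden SSID and MAC address filtering only deter casual connections. Remote administration and the default administrator password are set in the device's management interface and are not covered by this sketch.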
Web access policies and restrictions – creating firewall restriction policies against categories of websites that are unrelated to work is crucial. Because of the millions of types of malware that exist on the internet, blocking websites that are unrelated to job duties or potentially dangerous is essential in maintaining network security.
Role-based access control system – limiting and tracking employee access of information on a network to what their job requires.
The majority of successful data breaches come from internal attacks – it is important to be aware of warning signs from disgruntled employees. All access to the building and network must be revoked immediately upon their termination.
Importance of security policies being reviewed, updated, and followed – the strongest security policies are meaningless if they become outdated or ignored.
Employee awareness program – it has been estimated that over 90% of successful cyber attacks against companies could be avoided if employees had a basic knowledge of computer security.
The most common attacks against companies come in the form of spam and phishing emails. These will contain a link that may seem innocuous, but it only takes one employee clicking the link for an attacker to gain access to and control of the organization’s network and any data on it. The email can even come from the address of a legitimate employee, but the wording is often strange or unrelated to anything relevant. When there is any doubt, it is always best to contact the sender directly and verify the authenticity of the email.
SANS Institute – SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system, the Internet Storm Center.
Krebs on Security – A great, informative blog to follow that covers emerging threats to businesses and network security.
October is National Cyber Security Month