
Best practices for network security in small and medium-size businesses

by Barry Marcus

Every company from the smallest micro business to the largest corporation is at risk through their computer network. Internet thieves, hackers and virus distributors are on the lookout 24 hours per day for vulnerable computers to invade. Protecting your computer network against these unwelcome intruders is crucial. Every company needs network security.

Large companies are able to commit significant resources to implement the best network security available. But large corporate networks remain porous through a lack of staff commitment to security issues. Small to medium companies do not often have the luxury of seemingly endless resources to counter the threats. Nevertheless, network security for the small and medium-sized business is just as important.

The most useful place to start in the process of securing your network is to define a NETWORK SECURITY POLICY. An auditor is well positioned to help identify the risks faced by a particular business. The risks will vary from one business to another. Risk can never be totally eliminated, but the auditor will help management identify which risks are unacceptable and which will have to be tolerated. Some risks may prove too expensive to protect against. The network security policy is the vehicle available to management to define which risks to target and which to accept.

Network risks can be grouped into several categories. Serious threats include intrusion by hackers and other malicious parties aiming to steal information, defraud the company and its employees or simply damage the company's information. Spyware that monitors Internet usage by company employees is always a threat, as are common viruses.

The task of securing a network has grown in complexity over the last few years as the popularity of mobile computers and wireless networks has grown.

Measures to be implemented to secure the network include:

Access control;

A firewall;

Anti-virus software;

Wireless network encryption;

Protection of physical assets;

Staff training and

Network monitoring.

ACCESS CONTROL is the first point of protection. Network users must be authenticated before any access is allowed. The simplest and most practical form of access control is through the use of a strong password. As a rule of thumb, a password should include a minimum of six characters. A mixture of alphabetic characters, numbers and special characters presents a fairly strong choice. The password should be case sensitive and should ideally contain a mix of upper case and lower case characters. As the mix of characters and the length of the password increases, so does its strength.

Most security advisors recommend that changing the password monthly be compulsory. Changing the password frequently may increase the complexity and strength of the password but it introduces vulnerability. Users typically resort to writing their passwords down, storing them on the computer as an aid to memory or creating a series of easy-to-remember passwords. Users opt for a system that they can remember. An example of a password that follows the complexity rules but is really weak is P4s$word1. At least one company uses this as the initial password when new users are added to the network. The users simply increment the end number by one each month. Retaining a less predictable password for long-term use is somewhat more secure!

A strong FIREWALL is essential to any network and even to a stand-alone computer. The firewall can be configured to restrict network traffic based on a set of rules. Typically, the firewall will restrict access to certain network sites, prevent unwanted software from executing over the network and may help to keep viruses and Trojans out.

In today's environment a strong ANTI-VIRUS program is vital. Without protection against viruses the network's chance of survival is slim! Many anti-virus solutions include anti-spyware. The anti-virus software may be implemented on the network itself. This has the advantage that all emails transiting through the network and Internet sites visited are monitored for viruses before delivery to the user or to an external contact. The anti-virus software must update daily or more frequently when new dangerous viruses are identified. In addition, all users accessing the network should have a strong anti-virus system installed on their individual machines.

Anti-virus software comes in two forms. The first is where known viruses are identified and eliminated. Computers remain vulnerable to new strains being unleashed onto the Internet. The second is by using heuristic analysis. This identifies programs that may pose a threat based on their behaviour and other characteristics. A combination of these should present a strong anti-virus solution.

WIRELESS NETWORKS have become more popular as the technology has improved. Wireless networks present an additional threat. The network does not end at the business's door. A wireless network must be ENCRYPTED using the strongest available encryption coupled with a robust password. Some companies simply use the top row of the keyboard as the password. Although easy to remember, such passwords are the hackers' first choice in gaining access!
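The password weaknesses described under access control (a password such as P4s$word1 that satisfies the complexity rules, with the end number incremented each month) and in the wireless paragraph above (the top row of the keyboard) can be checked for when a password is set. The following is an added example, not part of the original article; the word list, substitution table, keyboard layout and function names are assumptions made for illustration.

```python
import re

# Assumed minimum length: the article's rule of thumb (six characters).
MIN_LENGTH = 6
# Constructed sample word list; a real check would use a large breached-password list.
COMMON_WORDS = {"password", "welcome", "letmein", "admin", "company"}
# Common character substitutions undone before the dictionary lookup (assumed table).
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})
# Top rows of a QWERTY keyboard (assumed layout).
KEYBOARD_ROWS = ("1234567890", "qwertyuiop")
COUNTER = re.compile(r"(.*?)(\d+)")  # text followed by a trailing number


def meets_complexity_rules(pw):
    """Composition rules from the article: length plus mixed character classes."""
    return (len(pw) >= MIN_LENGTH
            and re.search(r"[a-z]", pw) is not None
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"[0-9]", pw) is not None
            and re.search(r"[^A-Za-z0-9]", pw) is not None)


def predictability_findings(pw, previous=None):
    """Return the reasons a password is guessable, whatever its complexity."""
    findings = []
    lowered = pw.lower()
    # Strip a trailing counter, then undo substitutions: "P4s$word1" -> "password".
    base = re.sub(r"\d+$", "", lowered).translate(LEET)
    if base in COMMON_WORDS:
        findings.append("dictionary word with substitutions")
    # A run of adjacent keys, typed left to right or right to left.
    if len(lowered) >= 4 and any(lowered in row or lowered[::-1] in row
                                 for row in KEYBOARD_ROWS):
        findings.append("keyboard row")
    if previous is not None:
        old, new = COUNTER.fullmatch(previous), COUNTER.fullmatch(pw)
        # Same text as last time with only the end number moved up by one.
        if (old and new and old.group(1) == new.group(1)
                and int(new.group(2)) == int(old.group(2)) + 1):
            findings.append("previous password with counter incremented")
    return findings
```

A password is accepted only when `meets_complexity_rules` is true and `predictability_findings` returns an empty list; the `previous` argument assumes the old password is available at change time, as it is when the user must type it to authorise the change.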

SECURING THE PHYSICAL ASSETS and prevention of theft is an important component of protecting the network. A stolen PC or notebook can potentially contain not only a wide range of data that should be protected, but may provide the access details to the network as well. Documents that belong to the business should be stored on a document repository rather than on each individual machine.

NOTEBOOKS pose an additional risk. Notebooks are vulnerable to theft and require extra care to protect them. A notebook can connect to a variety of external networks adding to the risk of unauthorised software. Undesirable software can find its way onto a notebook and return to pose a threat to the network. If the notebooks are company owned it is a fairly straightforward process to install policies on the machine and place restrictions on user access. Typically, the user will not have administrative rights to the machine. A good practice (though difficult to enforce) is to prevent employees from plugging into networks at client sites.

Privately owned notebooks pose another threat. Unless the owner agrees to have company policies and restrictions installed on his or her machine, the only option is to limit network access.

If you are using encryption for your wireless network why not use it for all your networks? Encryption adds an additional degree of protection to your data. A determined hacker can break into almost any system. Make it as difficult as possible for the hacker to access anything of value.

With all of these steps implemented you may experience a feeling of confidence that your network is safe and secure. It is necessary to monitor network access and usage to verify that the system is in fact secure. Installing ANALYTICAL NETWORK MONITORING TOOLS will keep you informed of security violations and intrusion attempts. If and when violations occur it will be necessary to review your network security to identify the vulnerable points. Additional measures may be required to seal the cracks.

EMPLOYEES pose the biggest risk to your network security! Unless the importance of network security is stressed, a careless attitude tends to emerge. Employees share passwords and leave their machines logged into the network when their machine is unattended. Although the access control software should automatically lock an inactive machine after a few minutes, there is always a window of opportunity when an employee walks away.

STAFF TRAINING and POLICY ENFORCEMENT are the most important measures that need to be implemented. A system is only as good as the weakest link. A responsible attitude by the employee body is as important as all of the other measures implemented. Staff must be trained to keep their passwords safe, secure and secret. A computer must be locked the moment that an employee leaves his or her desk. Computers, especially mobile devices, should be physically secured to the desk.

Network security policies must be rigorously enforced and violations should always result in disciplinary action.

A secure environment will help to protect the network against unwanted intruders. But all the protection in the world will not protect you against data loss caused by hardware or software failure, fire, floods or theft. Small companies often rely heavily on the information stored on their network computers, but fail to back up this valuable resource. DATA LOSS can be at least as devastating to a company as an intrusion. All important information should be BACKED UP daily, with a complete system backup weekly or monthly. Wherever possible, the backups should be stored off site.

Backups should ensure that a business can carry on running from a separate computer if the need arises. This process must be tested on implementation, and thereafter at regular intervals. It is too late to test when you have a disaster! This is known as Business Continuity Planning or Disaster Recovery.

The measures taken to secure your network may depend on the size and type of business, and the importance of maintaining the data. However, almost any environment will require at least some degree of network security. Perhaps the most important aspect in maintaining a secure network can be achieved by instilling the right attitude in the employees. The most secure prison may be invaded if the guards leave the gates open but vigilant guards are able to secure an open prison.

Helium, Inc.
200 Brickstone Square Andover, MA 01810 USA