Why do I need to do this?
Everday, the amount of sensitive information stored and transferred on your computer network grows. As this increases, so does the need for companies to implement appropriate measures to ensure data is not compromised.
In order to properly secure your company’s network, there are a few steps which must be taken.
1. Secure internal network and cloud services
Your company’s network should be separate from the public by strong user authentication mechanisms, along with policy enforcement systems.(firewalls and web filtering proxies)
In addition to this; further monitoring and security solutions such as anti-virus software and intrusion detection systems should also be employed. This is in order to identify any malicious code or unauthorised access.
The internal network:
After identifying the boundary points on your company’s network, you should be able to determine what types of security controls are necessary for each boundary and how they should be employed. Border routers should be configured to only route traffic to and from your company’s public IP addresses.
Firewalls should also be set up to restrict traffic only to and from the minimum set of necessary services. Intrusion prevention systems should be configured to monitor suspicious activity cross your network perimeter. In order to prevent bottlenecks, all security systems you deploy to your company’s network perimeter should be capable of handling the bandwidth offered by your ISP.
You should be careful when reading through the terms of service for your cloud service providers. This is to ensure that your company’s information and activities are protected by the same level of security you would want for your own data. Don’t be afraid to request security and auditing from your cloud service providers.
Moreover, it is essential to ensure the provider’s policies and workflows comply with your jurisdiction’s regulations(how data is stored and handled). Finally, it is also worth enquiring about additional services a cloud service can offer. This could potentially include backup and restore services and encryption which can further bolster your data security.
2. Develop strong password policies
It is advisable to use two-factor authentication methods rather than one. This simply means two types of evidence are used to confirm who you claim to be. An example of this would be a personal security token that displays changing passcodes to be used in conjunction with an established password.
In addition to this, a password policy should encourage your employees to use the strongest passwords possible without having to write them down. This means using passwords that are random, complex and long(minimum 10 characters). It is also advisable to change passwords regularly.
An alternative solution would be to use a random password generate like Last Pass and generate and store your passwords on their secure app.
3. Secure and encrypt your company’s Wi-Fi
Your company may choose to operate a Wireless Local Area Network (WLAN) for the use of customers, guests, and visitors. If so, it is important that the WLAN is kept separate from the main company network. This is so that traffic from the public network cannot reach the company’s internal systems at any point.
Internal, non-public WLAN access should be restricted to specific devices and specific users. Where the internal WLAN has less stringent access controls than your company’s wired network;dual connections should be prohibited by technical controls on each such capable device. All users should be given unique credentials with preset expiry dates to use when accessing the internal WLAN.
4. Encrypt sensitive company data
Encryption should be employed to protect any data that your company considers sensitive. Different encryption schemes are appropriate under different circumstances. Offering secure transactions on websites has become common practice now. It is therefore worth consulting your service provider about options for a secure socket layer(SSL) certificate for your site.
5. Regularly update all applications
All systems and software, including networking equipment, should be updated as patches and firmware upgrades become available. Use automatic updating services whenever possible. This is especially important for security systems such as anti-malware applications, web filtering tools, and intrusion prevention systems.
6. Set safe web browsing rules
Your company’s internal network should only be able to access those services and resources on the internet that are essential to the business and the needs of your employees. You can also use a web proxy to ensure that malicious or unauthorised sites cannot be accessed from your internal network.
7. If remote access is enabled, make sure it is secure
If your company needs to provide remote access to your internal network over the internet, one option is to employ a secure Virtual Private Network (VPN) system. This should be accompanied by strong two-factor authentication, using either hardware or software tokens.
8. Create a safe-use flash drive policy
Ensure that employees never put any unknown flash drive or USBs into their computers. Businesses should set a clear policy so employees know they should never open a file from a flash drive they are not familiar with.
Some final advice
By following these 8 steps and taking the recommended security cautions you will be able to effectively secure your company’s computer network. These precautions should be taken as an absolute necessity in order to protect your business in a world where cybercrime is constantly on the rise.
If for some reason the methods to secure your network fail, it is advisable to have CyberBee Insurance coverage as the final barrier against online criminals destroying your livelihood.