Maximize Your Business with IT: Network Security
As networks become increasingly complex, securing them at every entry point has become an overwhelming challenging. All applications, databases, software, and hardware include default settings that can be easily circumvented. And, cyber-criminals are more sophisticated than ever before, possessing the skill and knowledge needed to hack their way into even the most intricate technology environments.
It is up to you to take the necessary measures to protect your most critical business systems. An ironclad security infrastructure, combined with stringent internal security policies that include rigid enforcement and regularly-scheduled checks, is the key to keeping your network safe from hackers, intruders, and other unauthorized users.
The first step in ensuring tight network security is use of testing tools, which can be easily obtained via download directly from the developer’s Web site. This will help you to determine how vulnerable your environment really is. These tools test the integrity of each server’s internet access protocols and firewalls, and identify any potential “open doors” (you’d be surprised how many there are on the average system). A list of the Top 100 Network Security Testing Tools, as determined by a 2006 Insecure.org survey, includes software solutions by vendors such as Nessus, WireShark, Snort, NetCat, and more.
If you’re really concerned about network vulnerability, you can hire a third-party security firm to perform ethical hacking. During an ethical hacking test, consultants will attempt to breach your network security – with your permission, of course – and document any problems found. Some of the firms that provide this kind of testing include Paladion Networks, Mitnick Security Consulting, Sky Box Security, and Remington Associates.
Although external security breaches are a major issue for corporations today, studies show that the real threat comes from inside company walls. A recent FBI survey demonstrated that 70% of all computer intrusions are perpetrated by someone associated with the business. To preserve the integrity of confidential customer data or proprietary product information, you need to tighten up network security. Just a few simple security steps can save you quite a bit of grief later on.
I recommend:
- Using strong alphanumeric passwords that are longer than eight characters. Change them at least every one to six months.
- Implementing biometric fingerprint technologies for login and authentication.
- Monitoring and logging all network activity at your company. Review the log files each week, and look for any suspicious events or behavior.
- Encrypting more sensitive data with industry-strength algorithms like Blowfish.
You can further enhance network security by using password-protected screen savers with automatic logoff. Keep your server room, or any other area where computer terminals are located, locked at all times. You can also use electronic locks with badges or swipe cards, or highly-secure biometric locks, to identify and keep record of all visitors.
The use of video cameras in public access areas can dramatically reduce your risk as well. Studies show that employees who know they are being watched are less likely to break company rules. While you don’t need to record all activity around-the-clock, I strongly recommend that you do. If a security breach occurs, you can immediately identify the person responsible.
Finally, deploy all security patches for all of your desktops, servers, and network devices, and ensure that they are updated automatically. Many businesses already have massive security gaps in their systems, and don’t even know it.
For more information on protecting your systems from hackers, cyber-criminals, and security breaches, visit The Computer Institute of the Rockies, Enterprise IT Planet, and The InfoPackets Windows Newsletter.