We live in an online world, and one where not only computers and mobile devices, but all sorts of other pieces of “smart” technology might be connected to a network. This, of course, means that company network security is an important factor that businesses can’t afford to take for granted. A good IT support team – whether in-house or an external contractor – will put network security at the very core of what they do. However, even if your business doesn’t yet have the luxury of dedicated IT support, there are still things that you can do to protect the integrity your company network.
Company Network Security – Step One
The first step in ensuring company network security lies in developing a robust network security strategy, and ensuring both that your employees understand your policies, and that they are rigorously enforced. Consideration should be given to factors such as password policies, encryption, remote access, and guidelines on acceptable Internet and email use. BYOD (“bring your own device”) is a particularly hot topic at the moment – it can deliver business efficiencies, but there are distinct risks associated with allowing employees to connect unsecured personal laptops or mobile devices to your company network. Once you have determined your network security policies, here are a few of the factors you should concentrate on:
Servers: This is where the bulk of your business and customer data is likely to be stored, and therefore an obvious target for malicious attacks. You should centrally document all your servers, and update the checklist every time a new server is added. Assign strong passwords and allocate permissions, and ensure all servers are covered by enterprise-grade antivirus and firewall solutions. Secure naming and IP management is important, and you should run regular vulnerability checks.
Workstations: In common with servers, compile a master checklist of all workstations and ensure this is kept up to date. Each workstation should run effective firewall, antivirus and anti-malware software, as well as encryption software. Workstation access should be password protected and backed up with a robust password policy. Wherever possible, implement a centralized patching and software update process that automatically rolls out changes to all networked workstations.
Routers and other network devices: As the entry point to your network, properly protecting your routers (and any other network equipment) is the cornerstone of company network security. Once again, compile and maintain a master checklist of all your network equipment. Secure your routers by customizing the network name, ensuring encryption is turned on and using static IPs. Centralized patching to all devices should be performed alongside regular vulnerability scans.