Developing security protocols for the company is one thing, but keeping them up-to-date over time is another matter that requires diligence from the team that manages network security for the company. Usually this is managed by the IT admin team who has many other things on their plate, so it can be tough making sure that everything is audited and compliant with company expectations. Still, there are good places to start for any company that might be behind, or just feels that a checkup is in order.
Secure Access: Take a look at all access rights - if you have password tied to any appliance or system in the company that was the default provided by your vendor, change it immediately. As in walk away from the computer that you are using to read this blog and go change it right now. This is the first thing that the average hacker will attempt when they see a firewall, and according to PCI compliance research by Verizon in 2012, 51 percent of companies had this problem in place. Make sure that your password is strong and secure (if two-factor authentication is an option, all the better), but having a vendor default password is almost as bad as using âPasswordâ as the password.
Check the Logs: Now that actually accessing the network is secured, letâs make sure that our ability to track the comings and goings of the network is properly in place. This means being able to read and understand any and all reports that come out of your networking equipment, as well as being confident that nothing is missing. If you canât track the logs, then you have no way of being able to track or prevent a data breach, so this is very important. Most firewall providers including logging as part of their features, and for other elements there are programs such as Cacti that can be used to monitor networks.
Fully Operational Firewall: Speaking of firewalls make sure that the one that you have is up-to-date. Depending on your provider this will most likely include making sure that subscription services are up-to-date so that your firewall continues to get the most recent security definitions possible. Subscriptions services are also typically tied to advanced features such as applications control and content filtering as well, so not having these services turned on leaves big potential for trouble within the corporate network. If your firewall canât receive any updates anymore, it is time to upgrade the appliance for a new one - it is as simple as that.
Update all systems: To that end, make sure to test all desktops and servers that access the internet in the company - leaving systems out of date can result in massive holes for security in company. There is nothing more tempting to a hacker than stumbling upon an OS that is no longer supported since breaking in is that much easier. To avoid that, make sure that any and all applications are updated regularly so that the risk of leaving a backdoor open to malicious entities is significantly minimized as opposed to just leaving the system be.
Keep an open eye for BYOD/BYOA: In todayâs world, we also have to worry about users bringing in their own mobile phones (sometimes more powerful than their workstations!), tablets, and more in addition to using cloud-based services such as DropBox to support their work. While this can absolutely help them to be more effective employees, it can also be a security hole if not addressed, so be sure that employees understand how to properly protect company data if and when they use their personal devices to access said data. In regards to services, evaluate them to be sure they meet the criteria the company needs to in order to adhere to company policies or regulatory bodies. At that point, if these services do not comply, then block the service through the firewall - if they do, educate employees about any potential dangers that might exist to minimize risk.
This blog is listed under IT Security & Architecture Community