We are wrapping up European Cyber Security Awareness Month by tackling network security. Network security is made up of the hardware, software, policies & procedures designed to defend against threats to your company’s computer systems. It complements endpoint security, which protects individual devices, by focusing on how those devices interact, and on the connections between them. In essence, your computer cannot be hacked if hackers can’t get to it over the network.

No matter what size of business, even if it’s only a small 2 person start up you will have a network of some shape. Whether your files, applications etc. are held centrally or you use removable hardware to share information, you need to secure & protect the privacy of your data content.

Network attacks look to exploit:

• Unsecured wireless networks
• Unpatched software and hardware
• Unsecured websites
• Weak passwords
• Lost devices, and
• Unwitting users

Due to the recent introduction of GDPR, it is more important than ever for businesses to protect the data they hold on their network or they can face hefty fines.

Why do we need network security?

Having our devices connected through the internet and other networks opens up a world of possibilities for us. We can access the information we need without having to keep it on our devices permanently. These connections also leave our information vulnerable to theft.

Unless it is properly secured, any network is at risk of malicious use and accidental damage. Hackers or poor security practices within an organisation can leave private data exposed, including customer details.

Back when the internet and computer networks were in their infancy, everyone would have antivirus. This was the standard in protecting your organisation from downloading a virus onto the network. However, as computing has grown and new threats have developed, so have new capabilities for protecting against these attacks. This can make it confusing for businesses to know what they really need to stay protected. Especially if you don’t have a dedicated IT department looking after things for you.

Protecting your network

From our experience, we have found that protecting your network falls under two primary areas. There is of course the technicalities and then there is how these policies and procedures are managed and used.

1. Tools & Technology

To get started, some networks security tools you should consider include:

• Antivirus and anti-malware software
• Firewalls
• Network segmentation
• Secure your VPN (virtual private network)
• Email security
• Keep patches and updates current
• Actively manage user privileges

The good news is that many security products available today include a bundle of the above. For example, we have placed a number of our customers on the Trend Micro security solutions. Their ‘Worry-Free Standard’ provides endpoint security, malware protection and helps prevent ransomware, all in a straightforward per user price. However, where we have seen businesses fall, is when they consider this as a ‘plug & go’ solution.

2. Manage & Monitor

On top of implementing the above tools, an organisation should also seek to continuously manage and monitor how these tools are used. The much reported ‘Wanna Cry’ attack on the NHS was partly due to human error, in not keeping patches and updates current. We have all been guilty of ignoring the ‘updates required’ notification on our device when we are in the middle of something we deem more important. So as well as taking time and resources to implement anti-malware, firewalls and everything else, businesses should also:

• Maintain a list of authorised software and prevent users from downloading applications that are not on the list. Remember the highest risk factors are emails, websites, applications & social engineering techniques Ensure your staff understand your policies and that these are enforced.
• Update the company’s written security policies. For example, spell out which, if any, personal devices are allowed to access the company network and state explicitly how much time users have to report lost or stolen devices. Look into Mobile Device Management (MDM) software that can remotely wipe devices.
• Segregate critical data from the rest of the network and require users to authenticate themselves before accessing it.
• Run vulnerability scanning tools at least once a week and conduct penetration testing.
• Continuously monitor network traffic to detect unusual patterns of activity and possible threats.
• Have a plan in place that fully describes the procedures to be taken should the network be exploited. It’s important to be pro-active & reactive.

This blog is definitely not a definitive guide to network security and every business will have their own specific requirements, to find out more or to speak with a member of our team please get in touch.