More than just Anti-Virus
With the advent of more and more threats to business and home networks you need to think differently than the potential attacker. A bold statement I admit BUT a few sensible steps will give you a fighting chance. Each step is a separate subject so this is a brief overview
Remember no security solution is watertight but you can try to make it as secure as possible.
You have to take a layered approach to security. Start by thinking what is important to your company, Is it data or documents, email or web presence?
There is a different approach to each issue, let's look at data security or network security.
Your starting point is all about personnal preference, inside with the users or outside with your internet connection. We will look at this from the connection stand point.
1. Whether you have a broadband connection such as cable or ADSL or a leased line you will have some sort of router or modem. If you manage this then a simple thing as changing the default router password is a great starting point as most default passwords are available online. Change it and don’t tell everyone what is it. Only those who need to know should do. Nothing worse than people fiddling with it. Most will have built in firewall options, do some research as to what these need to be, ideally you should be blocking such things as streaming sites for illegal movies etc.
2. If a business it is an ideal time to look at investing in a UTM solution, commonly known as a firewall but a UTM is so much more. UTM stands for Unified Threat Management and will have various filters in place such as web blocking, spam filtering, intrusion detection and more depending on the manufacturer. Once in place it will need managing and updating as new signatures for the various components are rolled out to cover new threats.
Thats the perimeter looked at.
3. Next all depends on how your network is setup. Ideally you will have network switches which your devices connect to instead of just plugging into your supplied router. Again this is personnal preference on what type of switch is installed. There are a huge number of manufacturers but a managed switch is more secure than an umanaged switch or a network hub.
With a managed switch you can disable unused ports, label ports so you know what is connected where, setup VLANS to separate various parts of the business.
4. Wireless comes into all this also, it is a better solution to have guest access to your network for visitors keeping it all separate from your internal network so preventing infections and possble data loss.
5. If your server or domain then this is usually used for sharing resources or distributing emails. Giving various departments password controlled folders keeps data within the group it is designed for. You wouldn’t want the whloe work force to be able to access the payroll application in accounts and everyone's pay details.
6. Installing a reputable internet security solution on all servers, workstations, laptops and other mobile devices is a must. Password protecting the access to the program is highly recommended, it needs to be runnng all the time and the end user should not be able to disable it. Regular updates to the virus database is essential.
As they say you get what you pay for so research the different ones available. A business SHOULD NOT use the free versions availble as you just don’t get the same support or security.
7. End users, all your end users need educating on what is acceptable practice for internet and email usage, this is from the receptionist up to the CEO. An internet and email usage policy needs to be written, reviewed regularly and adhered to. While social media is a key business tool you don’t want everyone surfing the sites all day and not doing their jobs.
8. If you have a slow internet connection then you need to make sure that users are not streaming music all day as this will have a business impact on the performance across the whole network. This can be blocked or regulated by yout UTM.
9. Get dedicated IT support, be it in house or outsourced. IT and security can take up a lot of time and effort, if someone such as the office manager or receptionist is also supporting the network they are not doing their own job and therefore their side of the business is affected.
So to summarize, looking at a layered approach is an ideal way to make sure your network is available to users and perform as you would expect. It helps secure your business critical assets and ensures that you can get on with your day to day business.