Tips for Securing Your Network

When computer networks were isolated within the walls of offices, an Internet connection was a luxury and not a critical component of business functions. That has now completely changed for businesses that rely on computers to acquire and deliver services. Customers, business partners, remote office locations, and mobile workers expect connectivity to your office network. This interconnected nature of networks opens doors to new levels of productivity; and to threats that can disrupt business.

Securing your network should not be an afterthought; it just makes business sense. The benefits of a secure network are numerous:

It is more reliable, has fewer problems, and consequently costs less to maintain.
It improves productivity across all your stakeholders: customers, partners, and employees.
It protects your investment in bandwidth by controlling abusive use and unwitting hosting.
It lowers your exposure to legal and regulatory action.

In this article I highlight numerous tips for securing networks. This information was gleaned from research of published industry best practices and tips from government sites, such as the FCC, and from our own experience in supporting business networks.

The tips presented here can significantly enhance your computer network security. Do note, however, that no one can guarantee absolute security. You need to carefully balance the requirements for implementing security with proper investments in time and money, while keeping business objectives squarely in mind. These tips are organized into a few key strategies.

Employee Education and Policy Strategy

Provide Security Training: All employees, includes managers and executives, should be educated on basic security practices and how to protect sensitive business information. Establish policies and rules, including penalties for violating them, on how to protect sensitive data and make training available on a regular basis. Topics include: whether and when to use Web for personal use on office computers, instant messaging, social networking sites, streaming video and music, if and how company monitors Web usage, prohibited activities, tips for safe browsing, common techniques used by hackers and how to avoid falling prey.

Use Strong Passwords: Passwords are the most common method for gaining access to network resources. Unfortunately, they are also easy to hack through the use of automated tools. Train staff to use their passwords as they would their home keys: don’t leave them lying around and don’t share them. Strong passwords typically use a combination of letters, numbers and symbols, are at least 8-characters long, are changed every quarter, and differ significantly from previous passwords.

Regulate Access to Information: You probably don’t want to give everyone full access to everything. The judicious use of network user groups and permissions ensure network resources and data are available on a business need basis and that the Administrator account is only provided to trusted resources and executives and used only when necessary. Many line-of-business applications support roles, such as Sales, Operations, Accounts Payables, etc. to provide access to data they maintain on a business need basis.

Internal Network Strategy

Implement Backup and Disaster Recovery Procedures: Core business data is the lifeblood of any business. Implementing a multi-level backup procedure; image, file and folder, and offsite, is a simple way to protect critical data. Backup and Disaster Recovery (BDR) appliances take this a step further by helping you quicken server recovery in case of failure. Testing your backups periodically is an important component of any backup strategy.

Implement Desktop and Server Virus Protection: These software solutions have been around for a long time and they continue to evolve as threats evolve. Keep your anti-malware software current and its definitions current.

Patch Desktops and Servers Regularly: Security vulnerabilities in the operating system and in applications are regularly addressed by reputable software vendors. Take advantage of them. Keeping security patches current from your software vendors protects your computer from known attacks and vulnerabilities. Again, there are centralized patch management tools that make the process less time consuming.

Centralize Computer Administration: By implementing a server and applying a group policy across computers, you can standardize the process and save each user the time it takes to implement configurations one computer at a time. There are tools to centrally manage virus updates, security patches, desktop firewall, permission groups, and other security features.

Secure Physical Access: Do not overlook the physical location of your critical network infrastructure. These should be accessible to trained and trusted employees. Keeping this infrastructure secure in a locked room or server closet will reduce inadvertent or fraudulent access or change to network.

Secure WiFi Access: WiFi access to the network enables even mobile employees to be productive. Data, as it travels over the air is typically less secure than when it travels over wired networks. Information traveling over the air is at risk of interception. Use wireless data encryption protocols to ensure that data is encrypted during transit from source to destination to protect against risk or interception. Also, setup wireless access point for guests on a separate subnet so they can access the Internet but not your network.

External Network and Perimeter Strategy

Consider Outsourcing Email Services: Corporate email has become mission critical for businesses of all sizes. If you do not have a mission-critical application support infrastructure internally, consider outsourcing your email infrastructure. The widespread availability of such solutions from key industry vendors makes these affordable. And you can leave the worry of securing and maintaining such infrastructure in the hands of those that do it 24×7.

Secure the Perimeter: Connecting your network to the Internet allows you and your employees to gain access to valuable data and be productive even when on the run, but it also exposes your network to attack from intruders. Most small businesses use consumer grade routers/firewalls to protect the edge of their network that is right behind the broadband modem. Though these devices have grown in functionality, they aren’t equipped to handle the perimeter security needs of a business. With business grade routers/firewalls/UTM (Universal Threat Management) appliances, you gain a powerful hardware platform that provides ability to filter malicious traffic and spam from the outside, receive regular security updates, provide secure remote access, implement intrusion detection and prevention services, and prevent infectious code from executing from trusted but compromised sites.

Stay Informed and Vigilant: There are numerous industry and government sites dedicated to network security. Stay informed as data and practices continue to evolve. Business-grade UTM appliances are designed to be monitored remotely from security operations centers and to send reports and alerts that may need attention.

Request Links to Related Resources

If you found this topic of interest, I encourage you to request a list of additional resources you can download at no cost. Simply email: info@rcare-solutions.com with the words “Network Security Tips” in the Subject line.

Building a Quality High Performance Professional Network in the “Knowledge” Economy

In the knowledge-rich society and professional world we live in, building a quality high performing professional network should be a focus for every professional knowledge worker. More than ever, we need to be connected and integrated in communities that provide mutual value. It is no longer enough to have a network consisting of all the people you meet at conferences, through work or at other events.

We need to pro-actively develop and manage our professional network as an integral part of our career management in the knowledge economy. This is far more than just having the inter-personal skills to talk to people and make meaningful contact that can grow into lasting professional links. Having these skills is great, and we need them. But managing our professional network needs to go beyond that.

  1. We need to be able to ascertain the quality and performance of our professional network.
  2. We need to know what the strengths and weaknesses are of our current network.
  3. We need to know how to pro-actively manage our network to ensure we prepare for the next step in our career.

In order to do all of this we need to understand how knowledge is generated and shared in societies. We also need to understand how different kinds of people fulfill different requirements for knowledge. And, importantly, we need to know what our strengths are in professional networking.

When we look at our current professional network, we need to be able to identify strengths and weaknesses, and have a road map of how to improve and refine our professional network to serve us best, and also optimize value for all other members of our network.

Just like we suffer from an information overload in the current online and knowledge-rich world, we can end up having a large number of people that we know, but we do not derive the value that we could from the network because it is not suitable for our career, or is so overloaded that we are not able to have focused contact. We can end up wasting time by increasing the size of our network without really improving its quality and performance in our career or for anybody else in the network. If we allow that to happen, we also do not do others a service, because we all become numbers in one another’s professional networks rather than a well-functioning community that add value for one another.

There are more and more online tools and facilities that enable us to build global professional links and networks. The aim is not to participate in as many of them, or even to have as many contacts as possible. Rather, we need to utilize these wisely in order to build meaningful and useful professional networks that will become an integral part of the success of our careers.

Most courses (and online courses), as well as other information about professional networks focus on the inter-relational and social skills we need to build good links with others. These are important, but do not necessarily mean we’ll end up with a good professional network. Information on how to ensure quality and optimize value from the network for all participants is not readily available.

However, a quality, well-designed and high performance professional network is imperative in the knowledge economy.

Business IT Networks – 5 Common Problems Overlooked by Entrepreneurs

IT Networks though simple, require extensive planning to ensure stability, yet we often encounter businesses that are unacquainted with the imperative role networking plays in the efficient functioning of their company.

Informed business entrepreneurs often opt to upgrade their networking systems to suit their organizational structure. Although upgrading is an expensive, time consuming process, its benefits are ten fold. Though, there are some small size companies that insist on having a Windows XP workstation function as a network server, this decision may eventually lead to decrease in efficiency and productivity of the entire Information Technology environment.

Network Consultants should always analyze the nature of your business so as to recommend a networking/Information Technology system that would be the best fit for your business. IT Consultants should evaluate both hardware and software requirements to guide your company through the pros and cons of various networking options that your business may be considering.

From a network consulting standpoint, these are five common problems that are either neglected by businesses or not included in the overall planning of the Network Infrastructure.

Disaster Recovery: Although entrepreneurs are risk takers they provide for all contingencies. While they insure their store and goods against fire, theft, natural calamities, etc., in many cases they ignore the need to implement a disaster recovery plan for financial records, employee payroll and client data. Losing valuable customer information to a fire would result in temporary chaos and a financial drain. Therefore, a data recovery system should be available to restore normal operation within 24 to 48 hours.
There are several options to evaluate depending on the size of the business. A good Technology consulting company should be able to assess the needs and accordingly recommend an IT recovery plan that is fool proof yet affordable.

Redundancy: Although businesses are advised to maintain an alternate or redundant source of power supply for critical servers, many entrepreneurs ignore this simple loss prevention method in order to save a few hundred dollars. For example, servers that process customer credit card transactions are not exempted from the probability of failure and if not backed by a redundant power source, it may lead to a major financial loss. The point that I am trying to get across is that important network equipment should be identified and a redundant plan should be implemented to provide against unforeseen circumstances.

Network Security: Viruses are not strangers to the world of computers and internet. While performing technology analysis and auditing we come across businesses that have servers on DMZ without network security [http://www.onsitechicago.com/networksecurity.htm] measures like a simple firewall. We have seen instances were employees had full access to the network server running virus inviting programs like Limewire. An obvious result of this would be a slow network. In most cases, passwords for workstations, servers etc. are identical and shared. Impermeable network security plans should be implemented especially when business IT infrastructure holds confidential information of clients or individuals that may become a risk as well as an embarrassing situation if lost or stolen.

Network Speed: Businesses always focus on maximizing efficiency and productivity at the lowest cost and what better way to achieve this goal than to minimize wastage of employee time? Speed of IT networks depends on many factors from simple network security policies to restrict P2P software to intelligent switching hardware. You may be surprised but network infrastructure cabling (Cat 5, Cat 6, and Fiber Optics) also makes a significant difference on the performance of the entire network.

Expandability: Change in networking structure is an option that should always be open for clients. To plan ahead is important as a business need not overhaul a huge part of their network to see an insignificant benefit. A simple example would be to anticipate network storage requirements of data. Clients often overlook the importance of discussing options with consultants to make sure their IT system remains adequate for at least 3 to 5 years. The aim should be to minimize dollars spent without hindering the quality of work being performed by employees.

Consultants are professionals and while their recommendations should not be overlooked, they should not be adopted blindly either. As a customer you are entitled to know the ‘whys’ and ‘hows’ of every suggestion made. Request layman’s explanation for every problem encountered. Most importantly, ensure that the 5 major and basic areas are covered in the initial audit reports or recommendations made by any Technology consulting company.

Onsite Chicago is Technology Consulting Company for business in the Chicago area. Featured in major newspapers they are considered one of the top business network consulting firms. To view a complete list if IT services from Network Management, Network security and data / telephone cabling please visit Chicago Business Network Consultants page.