6 strands of IT protection for a more secure network

Strength in layers

You’re working on a project, and you have your processes in place. However, once you hand the project back over to your client, a number of the security layers that you take as given may no longer be part of the equation. And if something breaks, that may reflect back on you, even if the root cause was out of your control.

With that in mind, we’ve put in place a network security primer that you can share with your clients. It touches on the basics of six aspects of information security.

Six tips for a more secure network

The Internet is constantly changing, and so are the techniques the bad guys use. If you depend on computers and the Internet for your business, it’s time to up the security ante.

When you use multiple security measures throughout your network, overall security is improved. This works sort of like the fibers in a rope: a single strand could easily break, but when it’s braided with other strands, it becomes much more difficult to compromise the whole thing.


The next time you log on to your home or small office network or are working at a cafe, consider the following items:

Data and resources. Protect your data itself by performing regular backups, and encrypting sensitive or crucial resources.

Example: Store complete, encrypted backups offsite so they are not at risk of fire or flood damage. Also, keep multiple backups (e.g., daily, weekly, monthly) in case you need to roll back further to a point before an issue occurred.
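The daily, weekly and monthly rotation in the example above can be written down as a retention rule that decides which backups to keep. The Python below is an added example, not part of the original article; the function names, the tier sizes (7 daily, 4 weekly, 6 monthly) and the sample dates are assumptions chosen for illustration.

```python
from datetime import date, timedelta

def backups_to_keep(backup_dates, daily=7, weekly=4, monthly=6):
    """Return the backup dates to retain under a daily/weekly/monthly rotation.

    For each tier, the newest backup in each of the most recent `limit`
    periods (days, ISO weeks, calendar months) that contain a backup is kept.
    Tier sizes are illustrative defaults, not values from the article.
    """
    newest_first = sorted(set(backup_dates), reverse=True)
    tiers = (
        (daily, lambda d: d.toordinal()),                # one bucket per day
        (weekly, lambda d: tuple(d.isocalendar())[:2]),  # (ISO year, ISO week)
        (monthly, lambda d: (d.year, d.month)),          # calendar month
    )
    keep = set()
    for limit, period_of in tiers:
        periods_seen = set()
        for d in newest_first:
            period = period_of(d)
            if period in periods_seen:
                continue  # a newer backup already represents this period
            if len(periods_seen) == limit:
                break     # tier is full; it retains nothing older
            periods_seen.add(period)
            keep.add(d)
    return keep

def backups_to_prune(backup_dates, **tier_sizes):
    """Return, oldest first, the backup dates that no tier retains."""
    keep = backups_to_keep(backup_dates, **tier_sizes)
    return sorted(set(backup_dates) - keep)

# Constructed sample: one backup per day for 120 days, ending 2024-04-30.
SAMPLE = [date(2024, 4, 30) - timedelta(days=i) for i in range(120)]

if __name__ == "__main__":
    for d in sorted(backups_to_keep(SAMPLE)):
        print("keep ", d.isoformat())
    print(len(backups_to_prune(SAMPLE)), "backups can be pruned")
```

The script only decides which dates to retain; encrypting the archives and copying them offsite are separate steps.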

Applications. This layer is the software on your laptops, desktops and servers. Attackers rely on outdated software because it might not be equipped with the most recent security measures. Keep all applications, even those you no longer use, up to date with patches or the newest releases.

Example: Some applications don’t automatically check for updates, so keep track and check monthly.

Devices. This layer consists of the individual devices themselves: desktops, servers, routers and the like. Install antivirus software on everything, keep it up to date, and scan each device regularly.

Example: Scan every device daily, and scan removable media, such as thumb drives, before using them on the network.

Passwords. Most networks are open if you’re “inside,” which means devices can connect to each other without authenticating. Convenient as it is, an open network makes it easy for attacks to spread. Secure your network with access controls enabled for all connected devices to help prevent unauthorized access. Don’t reuse the same password across accounts, including email.

Example: Enable (and don’t auto-save) login passwords on all connected devices, including laptops, desktops, routers and printers. Also, set a screensaver password for your laptop that automatically engages after a short period of time and do the same by setting an auto-lock passcode on your mobile phone. Tools such as 1Password, LastPass, KeePass and others can make managing many different secure and strong passwords a piece of cake. Also use two-factor authentication everywhere you can, including email.

The points above are things you should be thinking about, regardless of whether you are working at the office, a cafe or a co-working space. If you also have a home or office network, consider the following two layers.

The edge of your network. This is where your home or office network ends and the Internet begins. Secure it with a firewall, and if you’re using a router, change the default username and password. If you don’t change the default username and password, it’s possible for a neighbor or other nearby individual to accidentally (or maliciously) lock you out of your own network.

Example: Your Wi-Fi router might also be the cable modem you use to connect to the Internet. Check with your provider or review documentation about changing the default password.

Your physical space. Your physical office also needs consideration. Restrict who has access to interact with the devices connected to your network, and create a data security policy to share with employees or contractors, if appropriate.

Example: Be selective about who you grant access to use removable media. Someone could walk away with sensitive data, but it’s also just as likely that a friend or client could unintentionally drop off a random bug when they share a file with you via a USB drive.


Christopher Carfi
A veteran of both startups and the enterprise, Chris has a deep track record in developing customer community and evangelist programs for brands such as Adobe, H&R Block and Aruba Networks while holding executive positions at Ant’s Eye View and Edelman Digital, and he was co-founder and CEO at Cerado. He currently lives in the Bay Area with his family.