Best Practices for Network Security in Emerging Businesses
Protecting your business's network and all the computers on that network can be a daunting task. Being the IT professional where you work means a lot of potentially sensitive information and computer files are in your hands. You hold the responsibility to protect all the information on your employer's networks. Besides keeping the system safe from viruses, ad-ware, and spy-ware, you also have to deal with potential hackers, employees who always seem to mess up their workstations, and the physical security of the equipment itself.
This checklist lays out the key things you, as the IT go-to person in your office, need to know and maintain to keep your network secure and running in peak condition. Your company's trade secrets and key files are in your hands.
Firewalls
Maybe you're thinking to yourself, "well, of course firewalls are important," but do your fellow employees think the same way? As the IT professional, you need to make sure every workstation in your office is secured and set up with a proper firewall. This doesn't just mean turning on the firewall on each station and moving along. Employees will disable the firewall on their computer in a second if they need or want to access a site or file that is prompting them to disable it. Make sure the administrator settings on each and every workstation are set so employees cannot disable the firewall or any security setting without your authorization and password.
Administrator Accounts
From firewalls to fool-proofing is the direction this checklist is heading. You might have the servers set with secure account passwords, but what about every other computer connected to the network? Remember that one weak link can bring the whole thing crashing down, so secure all your connection points. Just as you make sure firewalls can't be disabled, you need to make sure no settings that are critical to security and proper system functioning can be changed. Set up every workstation with an administrator account with a strong password, and make sure permissions are limited for any and all other users of those workstations. Chances are that most employees have no reason or need to be changing settings or fooling around in the control panel.
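As an added example (not part of the original checklist), the PowerShell script below audits one workstation for the two settings covered so far: the firewall is enabled on every profile, and only approved accounts hold administrator rights. It assumes Windows workstations with the built-in NetSecurity and LocalAccounts modules; the account names in $ApprovedAdmins are hypothetical.

```powershell
# Added example: audit one workstation for firewall state and administrator membership.
# Assumption: Windows 10/11 with the built-in NetSecurity and LocalAccounts modules.
# $ApprovedAdmins holds hypothetical account names; replace them with your own.
$ApprovedAdmins = @('Administrator', 'ITAdmin')

function Get-WorkstationFindings {
    param([string[]]$Approved)
    $findings = @()

    # Firewall: every profile (Domain, Private, Public) must be enabled.
    foreach ($fw in Get-NetFirewallProfile) {
        if ($fw.Enabled -ne 'True') {
            $findings += [pscustomobject]@{
                Check  = 'Firewall'
                Detail = "Profile '$($fw.Name)' is not enabled"
            }
        }
    }

    # Administrator rights: anyone in the local Administrators group can turn
    # the firewall off, so membership should match the approved list.
    # The group is addressed by its well-known SID so localized names work.
    try {
        $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
        foreach ($m in $members) {
            $leaf = ($m.Name -split '\\')[-1]   # strip COMPUTER\ or DOMAIN\ prefix
            if ($Approved -notcontains $leaf) {
                $findings += [pscustomobject]@{
                    Check  = 'Administrators'
                    Detail = "Unapproved member: $($m.Name) ($($m.ObjectClass))"
                }
            }
        }
    } catch {
        # Enumeration can fail (for example on stale entries); report it instead of passing silently.
        $findings += [pscustomobject]@{
            Check  = 'Administrators'
            Detail = "Could not list members: $($_.Exception.Message)"
        }
    }
    return $findings
}

$results = Get-WorkstationFindings -Approved $ApprovedAdmins
if ($results) { $results | Format-Table -AutoSize; exit 1 }
Write-Output 'Firewall enabled on all profiles; Administrators group matches the approved list.'
```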
Anti-virus Software
No matter how secure your network is under your watchful eye, the reality is that viruses do get through from time to time. Having solid anti-virus software running and up to date on all workstations and the servers is crucial to maintaining a secure business office network. Most major anti-virus software makers offer business solutions custom designed for your office size, number of stations, and more. Plus, business versions of some software come with features tailored to a network professional's needs, not to mention potential savings when the software is purchased in bulk or with multiple licenses.
Spy-ware, Ad-ware, and Phishing
Anti-virus software can do a great job as the main force in protecting your network. But sometimes spy-ware and ad-ware get through anyway and can often go undetected until it is too late. Fortunately, there are quite a few good programs out there, some of which are free. As for fake sites that phish information out of users, there are port blocking and IP blocking software packages to keep those sites from ever reaching your users' eyes.
Email
Sure, some of your fellow coworkers might think that forwarded email with pictures of cute kittens is a great way to start their workday, but for the IT professional who has to deal with mass e-mails that are sometimes filled with disasters waiting to happen, it is anything but a joke. Consider setting up your business's email client to block all incoming email that isn't going to an address approved by your office. If employees want to send email personally, either have them set up a specific address book with those e-mails or tell them to keep personal e-mails out of the office. Besides, you can remind them that any email sent on company equipment is technically property of the company, making whatever they say in those e-mails company business. You'll secure your email client and limit the amount of storage space used.
Wireless
Maybe your office has wireless internet set up. You may have done it so you didn't have to run as many wires or so the employees could take their work out to the picnic area in the back. But whatever the reason for wireless, make sure it is secure and password protected. You can set up secure wireless connections by visiting the site given by the maker of the router. There you'll enter the model number, set the passwords, and prevent freeloaders from sapping your bandwidth. More importantly, you'll keep potential hackers out of your system, as an unsecured wireless network gives even novice hackers easy access to every computer connected to the wireless network.
Power Protection
Whether you've just completed upgrading every workstation to the latest and greatest operating system, or finally run all the network cables through the walls, a quick jolt of electricity can wipe out all your hard work. Make sure that your equipment and network are protected from power failures and power surges. All workstations and servers should be connected to high quality surge protectors properly plugged into 3 prong outlets. You may even want to invest in surge protectors that double as battery backups or, depending on the size of your business, actual backup generators to keep your office running in the event of a power loss.
Surge protectors can prevent a disaster and thousands of dollars in damages.
Physical Security
This has to be one of the most overlooked areas of properly securing your network. A network with the most sophisticated software and most complex passwords means nothing if someone can walk into your server room with no problem. This issue also covers theft of equipment, but first things first. Your server is the brain of your network and also likely where most of the sensitive files are kept. Easy access to the server room lets someone not only upload to your whole network but download from it too. Passwords mean nothing, because physically taking the hard drives from the servers is what someone looking to get company files may do.
A number of options exist for securing your server room. Keypads, card swipes, biometrics, and even the good old fashioned lock and key can do a lot to keep your servers secure and limit access to them. Keep your servers in a room or area where there is only one way in and out of the room, few or no windows, and out of plain sight if at all possible.
Securing the actual equipment such as the individual PCs, laptops, cables, printers, mice, keyboards, etc. is another task that is often overlooked. You might not be able to be everywhere at once to see who is using what equipment, but you can make sure equipment doesn't walk out the door, either from internal theft or a break-in. You can buy reinforced cables that can be connected to computers, run in between and around peripheral cables, and bolted down to desks to keep equipment put. Padlocks or combo locks keep it all attached. Laptops that aren't in use can also be attached to specially designed cables; they're like bike locks for electronics.
You don't need to assume every fellow coworker is a potential criminal waiting to steal everything in sight; rather, you can do the above to minimize the temptation to take, and reduce the amount of stolen goods if your office ever got broken into. The computers and IT equipment are under your control, so take steps to keep them under your office roof.
You may be thinking that some of the items on this checklist are common sense, and maybe they are for some of you IT professionals out there. But just because they seem like no-brainers doesn't mean they aren't overlooked. Go through this checklist and see if your office's network meets or exceeds all the criteria mentioned. Invest in surge protectors, good anti-virus software, and physical security. Take the steps needed to keep all workstations up to date and connected in a secure way to your network. Test security often and fix problems before they get out of control.
As an IT professional in your business or office you need to keep on top of network security and be accountable for all equipment on the network. Keep employees up to date on changes to the network, potential security risks, and don't be afraid to teach your fellow employees how to use the network safely and properly. Follow this checklist, keep your employees in the know, and always expect the unexpected because there are always new security threats out there.