Layering Security

The best place to start in securing your network and your data is to understand the network. Know your environment, know your workflow, know your logical points of entry. With these factors in mind, create overlap between protective measures.

Physical Security- Fences, locks on doors, alarm systems, cameras, and flood/fire protection belong here. There are many aspects to consider based on your needs and environment.

Digital Security- This is a lofty topic, but the ultimate goal is to protect data in transit and data at rest. Basic measures alone, such as a firewall and a password, fail to provide much security in a network.

  • Network Layer– Gateway antivirus, gateway IPS, email filters, stateful packet inspection firewalls, web filters, and application control. Do not neglect this layer, as it is the first line of defense against attacks on your network resources. A Unified Threat Management appliance (UTM appliance) should provide many of these features for you to secure your digital entry points. Don't forget the website: harden the code and implement a web application firewall (WAF).
  • Application Layer– Software firewalls, software antivirus, and passwords are all designed to help protect information and user accountability.
  • Control Access– Limit department or user access. An intern doesn't need access to payroll, nor does a vendor who is using the wifi while pitching a product. Access rights, VLANs, guest isolation, wireless security, and authentication should all be considered to protect information and the flow of it.
  • Encryption and Hashing– Whether data is sitting on a server, on a tape in storage, or traveling over the wire, it still needs to be protected. Hashing database entries or encrypting files and systems will help protect this data at rest. Data in motion needs protection once it leaves your network; VPNs, SSL and TLS are designed to do just that when extending availability outside of the local network.
  • Stay Current– Software updates, hardware updates, paper trails, documentation, and monitoring should all be routine work. As patches or fixes are released by software or hardware vendors, apply them. Retain and review the logs of network and host level safeguards: if you do not review them, you will not know whether your protection is working or, worse, when it is not. Logs help with troubleshooting and investigations when an event does occur, and monitoring helps stop a problem or attack early.
  • Disaster Preparedness– Backups and redundancy are key to ensuring availability is not compromised. Theft, fire, tornado, flood, accidental deletion, hardware failure, and the list goes on for things to consider. Redundancy is not the same as a backup: redundancy provides failover in the event of a failure, while backups provide archives from which to retrieve data. Onsite and local solutions are ideal.
  • People– Train employees on what to do if someone unfamiliar walks into a room. Can they recognize spam? What about safe browsing practices? Do they share passwords with others? Training employees goes a long way in protecting your data and is often overlooked.
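The "Stay Current" point above says to retain and review logs from host level safeguards. As an added example (not code from the article or from Upton Technologies), the script below reviews a handful of constructed sshd style log lines: it counts failed logins per source address, flags sources that exceed a threshold, and separately flags the pattern a reviewer most wants to catch, a successful login from an address that had just failed repeatedly. The log lines, addresses, usernames and the threshold of five are all constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample log lines in syslog/sshd style; the addresses are documentation
# ranges and none of this is real data.
SAMPLE_LOG = """\
Mar 10 02:14:01 gw sshd[4021]: Failed password for invalid user admin from 198.51.100.23 port 51022 ssh2
Mar 10 02:14:03 gw sshd[4021]: Failed password for invalid user admin from 198.51.100.23 port 51023 ssh2
Mar 10 02:14:06 gw sshd[4022]: Failed password for root from 198.51.100.23 port 51024 ssh2
Mar 10 02:14:08 gw sshd[4022]: Failed password for root from 198.51.100.23 port 51025 ssh2
Mar 10 02:14:11 gw sshd[4023]: Failed password for backup from 198.51.100.23 port 51026 ssh2
Mar 10 02:14:13 gw sshd[4023]: Failed password for backup from 198.51.100.23 port 51027 ssh2
Mar 10 02:14:15 gw sshd[4024]: Accepted password for backup from 198.51.100.23 port 51028 ssh2
Mar 10 02:15:30 gw sshd[4027]: Failed password for jsmith from 203.0.113.7 port 40110 ssh2
Mar 10 02:15:35 gw sshd[4027]: Failed password for jsmith from 203.0.113.7 port 40111 ssh2
Mar 10 02:16:40 gw sshd[4030]: Accepted publickey for rstephens from 192.0.2.10 port 50211 ssh2
"""

IPV4 = r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})"
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(?P<user>\S+) from " + IPV4)
ACCEPTED_RE = re.compile(r"Accepted \w+ for (?P<user>\S+) from " + IPV4)


def summarize_auth_log(lines):
    """Per source IP: number of failed attempts, distinct usernames tried, and the
    usernames of any accepted logins. Lines that match neither pattern are ignored."""
    summary = defaultdict(lambda: {"failed": 0, "users": set(), "accepted": []})
    for line in lines:
        m = FAILED_RE.search(line)
        if m:
            entry = summary[m.group("ip")]
            entry["failed"] += 1
            entry["users"].add(m.group("user"))
            continue
        m = ACCEPTED_RE.search(line)
        if m:
            summary[m.group("ip")]["accepted"].append(m.group("user"))
    return dict(summary)


def flag_sources(summary, threshold=5):
    """Sources with at least `threshold` failures, worst first. These are the
    addresses to consider blocking at the gateway and to review further."""
    flagged = [(ip, e["failed"]) for ip, e in summary.items() if e["failed"] >= threshold]
    return sorted(flagged, key=lambda t: (-t[1], t[0]))


def successes_after_failures(summary, min_failures=3):
    """Addresses that failed repeatedly and then logged in successfully: the
    account involved should be treated as possibly compromised and investigated."""
    return sorted(ip for ip, e in summary.items()
                  if e["failed"] >= min_failures and e["accepted"])


if __name__ == "__main__":
    summary = summarize_auth_log(SAMPLE_LOG.splitlines())
    for ip, failures in flag_sources(summary):
        print(f"{ip}: {failures} failed logins, usernames tried: {sorted(summary[ip]['users'])}")
    for ip in successes_after_failures(summary):
        print(f"{ip}: successful login as {summary[ip]['accepted']} after repeated failures")
```

On real systems the same logic belongs in whatever log collector or SIEM already receives the host logs; the value of the example is the two questions it asks of the data, not the script itself.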

As anyone can see, security is a very large topic covering many areas. It can be intimidating, but when done properly it can be very effective. Treating security in layers provides redundancy when one layer fails. We at Upton Technologies are skilled in evaluating your security posture and implementing protective measures. Upton Technologies can assist with scalable, budget-conscious solutions for businesses from a single user to multiple campuses.

Upton Technologies, together with Watchguard, can replace your current router/firewall with a UTM appliance. Check out our "Firewall or UTM?" write-up to find out how a Watchguard UTM can help your network.

Ryan Stephens 

Senior IT Security Consultant at Upton Technology