Vistas for Network Security
Enterprise security
Effective solutions
Tools and standards
Free Newsletter

Stay updated, sign up for our free newsletter to receive useful tips

Full Name
Email Id
sign up

Effective Business Network Security Policy

Tips for Effective Security
Network security is multi dimensional and identifying each dimension and dealing with it results in a secure network environment. For the knowledgeable about networks and security;
or for those who have read a lot about network security there is always something you might have missed out. You may have employed someone to manage your network and think that they will take care of the security as well. Whatever be the issue; knowledge always helps check whether you have secured your network. So given below are aspects of security and a few of its necessities.
Find an Expert
The easiest solution if you do not have any knowledge of network functioning is to ask the persons who installed the network to come and optimize it for security. Many companies do this in addition to hardware services outlined in the contract. This is possible if you have bought all your systems from one vendor.
Rate this Article
  Excellent

  Good

  Average

  Bad

  Terrible

rate

Current Rating
Other possible solutions would be to call in an expert to decide for you the means of better network security.

To find an expert you should look for the following
  • Experience in the networking and security industry especially in audits, policy enforcement, ethical hacking, and other fields of computer and network security.
  • Certifications possessed by the expert like Security+, SSCP, CAP, CISSP, and the ISACA/CISM.
  • Ask for references and check them out.
  • Some businesses that are based on providing security solutions. (read reviews to find the best solution)
Physical Security
Security guards may or may not be present in your organization. Physical security does not refer to them. It refers to perimeter security and the security of your server on which you have all your information. The functioning and security of your network is critical and depends on these few factors.
  • Persons who have access to the Server (only trusted persons should have access to your server. Check out its audit logs and you will know if anyone other than these persons has accessed the server. You will also get log details of date and time.
  • Have locks and alarms to protect your server.
  • Secure weak points such as power and reset switches.
  • Information is not only stored on your server but also on back up disks. Keep your removable hard drives or magnetic tapes or CD/DVD’s on which you have taken a back up safe.
  • The best way to know about what devices need security is to prepare an inventory of names, vendors, software, and hardware including all routers, switches, firewalls, and other devices. After this is accomplished assign the priority and access list for each of the devices that need security (physical/perimeter).
Network Security
Now that your inventory is already made; take a look at it again.
  • First the server; so secure your ports through which information can be transferred or copied. (USB/parallel/SCSI and FTP/TCP)
  • Next are passwords; so select strong passwords for the server and the other systems so that no one can guess them and get into the server.
  • When you have tele-workers home computers and laptops present another major threat. The best procedure would be to lock down your home computer or laptop with strong BIOS passwords, cable locks, laptops alarms, client firewalls and VPN for communication with the office server.
  • Now that you have done all that it is best that you look up all your vendors on the inventory you have taken and find out information on security flaws and patches. You could also browse for the various security websites that give you regular information related to flaws and updates.
  • Most SME’s are dependent on a small group of computers. The network design will be different for 25 to 50 computers when compared to 250 or more computers. As the enterprise grows the number of systems on the network also grows. The network design has to reflect scalability with respect to systems and devices as well. Security implementation for larger number of systems becomes more cumbersome due to the fact that the systems audit is going to be longer and more time consuming to verify.
  • Software applications help you in knowing the status of your network. These are known as vulnerability scanners. These scan all the areas that are vulnerable to an attack. This software is made to check up previously known methods of attacks and see it that method of attack is possible on your network, systems and devices. These require ‘attack signature’ updates regularly. Thus you can better the security of your networks if you get one of these softwares that will automate the process of detecting flaws and helping you secure your network.
  • Internet security appliances include many other checks like intrusion detection, IP spoofing, etc… These device can help you secure your systems from the external network(internet)
  • Network security solutions can be implemented using multiple software, hardware and devices or a single unified threat Management device. The function is firewall, malicious code detection and removal, Spam and content filtering, Intrusion detection and prevention.
  • Network security Audit is another major means of detecting loop holes and securing the network. Take special care to obtain security audits of all your laptops as well as one point of entry can bring the entire network down.
A quick run through of the topics you need to consider for network security is

1. Choice of operating system (Windows gives you updates and patches, Linux you may not get the updates if yours is an open source. Though some Linux companies offer patches. For example: Red Hat)

2. Update management (service packs and Patches )

3. Firewalls

4. Anti virus and mal ware detection and removal

5. Intrusion detection and prevention

6. Security policy

7. Human factor

Human factor is the most important you need. Educate your users on what is permitted and what is not (on the network and internet) in the simplest language. You need to clearly formulate a policy for the enterprise detailing enterprise email security and enterprise internet security. Your enterprise security software will protect you from other eventualities while the enterprise security policy ensures that you are not compromised due to inadvertent employee behavior. The areas your policy should specify
  • Downloads
  • Safe content
  • Email attachments
  • Micro drives
Studies have shown that most networks are brought down by insiders through carelessness of a worker who downloads the wrong application or has opened a malicious code in his/her email attachment.

Related Articles
Best Tools for a Secure Network
What Are "Security Handbooks": site/Internet by IETF?
Network Security: Sites, Forums and Tools That Help You

Bookmark this page Email this to your friend Add this page to del.icio.us


Suggest an Article

Haven´t found the article you are looking for, please suggest your article. We value all your suggestions and comments.