This topic is something which many of us, IT professional or otherwise, have to deal with both at home and at work. With so many people bringing their own devices to work, and needing to make sure they are safe and protected at home as well, keeping your network safe and secure is more important than ever.
Combine this with all of the threats and regular reports of intrusions into networks of all types and kinds, and you begin to realise just how important it is to keep all of the information within your network secure.
Before I start, I want to say one thing; no network is stronger than its weakest link. A secure network today, does not guarantee a secure network tomorrow.
And finally, take care over who is allowed on the networks you control. Whether at home or in the office, these networks are again, only as strong as their weakest links. Letting someone unknown onto any of the networks you control could introduce factors outside of your control, such as viruses or malware.
The first step in doing this, is to ensure your router is up-to-date and running the latest version of its firmware. Doing this ensures that your router is protected against any potential attacks and hacks which the router in your home or office may have been vulnerable to in the past.
It is worth noting, that, especially for home networks, but also for office networks (particularly smaller office networks), the router provided by the internet service provider is not always the best router for your network. Spending a couple of hundred pounds or dollars on a much more sophisticated router can make your network considerably safer than if you use the one provided by the ISP.
Second, is to ensure that no ports are open to the outside world on the networks that you control, which do not absolutely need to be open, and custom ports are used whenever possible.
Your router, or routers, depending on the size of the networks you manage, should have options to allow access to specific ports by specific internet-based IP addresses. This can further help to protect your network, by making sure that your network is only allowing connections from IP addresses that you either control or have confidence in.
Third, if you are making use of the amazing group of technologies which make up WiFi, then if at all possible, use a separate network for visitors, even in your home network.
This prevents them from accessing the main body of devices connected to the networks you control, and ensures that you can keep control over the resources they have access to.
Fourthly, where it is possible, make sure that users are segregated using any of the different methods available. There are too many different options for this to go into this in this blog post, but a quick internet search would bring up many of the possibilities.
This will prevent users from being able to access parts of the network which they should be restricted from, for example, CCTV cameras should not be able to be accessed by the janitor or the computer engineer unless it is specifically in their job role, and they shouldn’t be able to log into the servers which manage the services provided to all of the users on the network.
User-based access permissions are fairly easy to setup and, if not, then IP-based permissions are definitely very easy to set up and maintain in the longer-term.
Fifth, whenever possible, ensure that all of the computers connected to the networks you control are running updated anti-virus, anti-malware, and internet security software. This will help to provide an additional layer of protection for users when they are using the internet, and when they access unknown materials provided to them on flash drives or CDs.
Finally, run regular checks on all of the computers, virtual machines, and other devices connected to your network to ensure that they are updated and running the latest versions of software, operating system and firmware updates. Just like the routers on your network, this will ensure that your system is less vulnerable to attacks than it would otherwise be.
In conclusion, making sure everything you have connected to the network, is up-to-date, is running good quality internet security software and is regularly checked to make sure that it does not have any issues; then you are doing everything you can to keep your network as safe as you can.
As always, if you need help or support with your network, then there are many consultants and IT specialists who can help to provide you with action plans, guides and information about the best way to secure your individual network.