As the amount of sensitive information on your computer network grows, so too does the need for appropriate measures to ensure this data is not compromised.
To properly secure your company’s network, use the following tips.
Secure Internal Network and Cloud Services
Separate your company’s network from the public Internet with strong user authentication mechanisms and policy enforcement systems such as firewalls and Web filtering proxies. You should also employ additional monitoring and security solutions, such as anti-virus software and intrusion detection systems, to identify and stop malicious code or unauthorized access attempts.
You should also ask what additional services your cloud service can provide. These may include backup-and-restore services and encryption services, which can further bolster your data security.
Develop Strong Password Policies
Two-factor authentication methods, which require two types of evidence that you are who you claim to be, are generally safer than using only static passwords for authentication. One common example is a personal security token that displays changing passcodes to be used in conjunction with an established password.
Additionally, password policies should encourage your employees to use the strongest passwords possible without creating the need or temptation to reuse passwords or write them down. That means using passwords that are random, complex and long (at least 10 characters), that are changed regularly and that are closely guarded by those who know them.
Secure and Encrypt Your Company's Wi-Fi
Your company may choose to operate a Wireless Local Area Network (WLAN) for the use of customers, guests and visitors. If so, it is important that such a WLAN be kept separate from the main company network so that traffic from the public network cannot traverse the company’s internal systems at any point.
Internal, non-public WLAN access should be restricted to specific devices and specific users to the greatest extent possible while still meeting your company’s business needs. Where the internal WLAN has less stringent access controls than your company’s wired network, dual connections—where a device is able to connect to both the wireless and wired networks simultaneously—should be prohibited by technical controls on each such capable device. All users should be given unique credentials with preset expiration dates to use when accessing the internal WLAN.
Encrypt Sensitive Company Data
Encryption should be employed to protect any data that your company considers sensitive, in addition to meeting the applicable local regulatory requirements on information safeguarding. Different encryption schemes are appropriate under different circumstances. If you choose to offer secure transactions on your company’s website, consult with your service provider about available options for an SSL certificate for your site.
Regularly Update All Applications
All systems and software, including networking equipment, should be updated in a timely fashion as patches and firmware upgrades become available. Use automatic updating services whenever possible, especially for security systems such as anti-malware applications, Web filtering tools and intrusion prevention systems.
Set Safe Web Browsing Rules
Your company’s internal network should only be able to access those services and resources on the Internet that are essential to the business and the needs of your employees. Use the safe browsing features included with modern Web browsing software and a Web proxy to ensure that malicious or unauthorized sites cannot be accessed from your internal network.
Secure Remote Access
If your company needs to provide remote access to your internal network over the Internet, one popular and secure option is a Virtual Private Network (VPN) system accompanied by strong two-factor authentication, using either hardware or software tokens.
Create a Safe-use Flash Drive Policy
Ensure that employees never plug unknown flash drives or other USB devices into their computers. Businesses should set a clear policy so employees know they should never open a file from a flash drive they are not familiar with, and that they should hold down the Shift key when inserting the flash drive to block malware. Doing so stops the flash drive from running automatically.
For more information about how to keep your network and your data secure, contact the Axis Insurance Group today.