Building a firewall countering Security Threats!
Once the realm of IT security professionals, computer security is now an issue and concern for all business people.
Recent high profile security breaches have exposed data of over billion users.
Cyber-crime is now big business and criminals are looking to steal information such as financial details, credit card information, personal details, or any other information which they can sell or trade.
These criminals are becoming more and more sophisticated and employ many different methods of attacking organizations having computer networks.
12 things you need to implement today – to can ensure your network is protected
Implement a vulnerability management program.
Most computer viruses and worms try to exploit bugs and vulnerabilities within the operating system and applications that companies use.
New vulnerabilities are introduced into networks every day, be that from installing new software and services, making changes to existing systems or simply from previously undiscovered vulnerabilities coming to light.
It is important to regularly review your network and the applications running on it for new vulnerabilities. Any discovered vulnerabilities should be rated and prioritised regarding their criticality and the potential business impact they could have.
Once this has been done, a plan on how to manage those vulnerabilities, either by patching, upgrading, or managing the vulnerability using tools such as firewalls or Intrusion Detection Systems should be put into place.
Install Anti-Virus Software.
Ensure that reputable anti-virus software is installed on all computers. This should include all servers, PCs and laptops. If employees use computers at home for business use or to remotely access the network, these PCs should also have anti-virus software installed. Ensure that the anti-virus is up to date.
Employ a firewall to protect networks.
As computer viruses can spread by means other than email, it is important that unwanted traffic is blocked from entering the network by using a firewall. For users that use computers for business away from the protection of the company’s network, such as home PCs or laptops, a personal firewall should be installed to ensure the computer is protected.
Filter all email traffic.
All incoming and outgoing email should be filtered for computer viruses. This filter should ideally be at the perimeter of the network to prevent computer viruses. Emails with certain file attachments commonly used by computer viruses to spread themselves, such as .EXE, .COM and .SCR files, should also be prevented from entering the network.
Educate all users to be careful of suspicious e-mails.
Ensure that all users know to never open an attachment or to click on a link in an email they are not expecting. Even when the email is from a known source, caution should be exercised when opening attachments or clicking on links in emails. Criminals use the trust placed in an email contact you know to trick you into clicking on a link or attachment.
Scan Internet Downloads.
Ensure that all files downloaded from the Internet are scanned for computer viruses before being used. Ideally this scanning should be done from one central point on the network to ensure that all files are properly scanned.
Don’t run programs of unknown origin.
It is important that you use a trusted source for your software requirements. This is to ensure that all software installed can be accounted for and that its sources can be confirmed to be legitimate. All users should be educated to never run a computer program unless the source is known or has originated from a person or company that is trusted.
Make regular backups of critical data.
It is important to ensure that regular copies of important files are kept either on removable media such as portable drives or tape to ensure you have a trusted source for data in the event that the network is infected with a computer virus. Not only will this ensure that important data is available in the event of a computer virus infecting the company’s network, backups will also enable the company to restore systems to software that is known to be free from computer virus infection.
Develop an Information Security Policy:
The creation and publication of an Information Security Policy is key to ensuring that information security receives the profile it requires in the organisation and is the first critical step in securing the company’s systems and data. It is important that senior management support the Information Security Policy and that all users are made aware of their roles and responsibilities under this policy.
Monitor logs and systems:
Regular monitoring of network and system logs can assist in the early identification of a computer virus infecting the network or other attacks by criminals.
Unusual traffic patterns or log entries could indicate that the network has been infected or that its security has been compromised. As well as monitoring for suspicious traffic and events, it is important that logs for other devices are checked regularly to ensure that the network remains protected. Log files for the backups should be checked regularly to ensure that the backups succeeded, likewise the log files for anti-virus software deployed should be regularly checked to ensure that all PCs are running the latest version of the anti-virus software.
Develop an Incident Response Plan:
Knowing what to do when a computer virus enters the network or when you suffer a security breach is critical to minimize the damage they may cause, both to the business and also to customers and suppliers. The incident response plan should outline the roles and responsibilities that people have in the event of a computer virus infecting the network or indeed any other type of security breach. This plan should be drawn up and agreed between all relevant parties before an incident occurs. Remember, the worst time to develop a security incident response plan is in the middle of such an incident.
Restrict end user access to systems:
Where possible, end users should not be given administrative privileges to their workstations. Most computer viruses can only run in the context of the user that is logged into the system, i.e. they only have the same permissions as the user running the program. If that user has their access restricted, then the virus will be similarly restricted. Unfortunately many applications designed for the Windows platform require the end user to have such privileges; however these users should be the exception rather than the rule.
Cyber criminals pose a very real and constant threat to every business. It is important that businesses recognize this threat and take the appropriate steps, such as those outlined above, to reduce the likelihood and minimize.