FINAL WORD
3. Keep a close eye on user permissions
While unintentional insider threats may be
the more widespread problem, intentional
ones – where authorised users attempt to
steal valuable data – can still cause major
damage. In many cases, these kinds of
attacks happen as a result of disgruntled
employees (or former employees) using
their network permissions to access sensitive
information. Most businesses have different
levels of privileged users but giving anyone
access to everything is a huge risk. Never
give any of your users authorisation to
access security logs, and be sure to provide and
enforce network-use guidelines for anyone
with permission to access network data. Also,
be aware of the dangers of BYOD and IoT
devices connecting to your network, as these
devices can also carry malicious programs or
lead to data being taken off premises.
4. Use a reliable network packet
broker to send the right traffic to
the right tools
When it comes to network security, we
sometimes err on the side of caution. For
example, even though certain tools are
designed to be more effective with certain
kinds of traffic, many organisations still
send all of their network traffic to all of their
security tools. Unfortunately, with network
speeds, data volume and the number of
business applications all increasing, security
tools are being pushed beyond the capacity
they are built to handle. This increases cost
while also slowing down business applications,
leaving networks more open to attack. A
much better solution is to give your security
tools access to only the traffic they need
to analyse, while preventing access to
the traffic they don’t need to see. A
next-generation network packet broker,
purpose-built for security solutions, can provide traffic
intelligence features such as metadata,
application session filtering, SSL decryption,
masking and more to ensure that appropriate
traffic is being optimally routed to inline
and out-of-band security tools. This not only
improves network security, but also allows for
faster application and network performance.
5. Stay compliant
Your organisation isn’t the only one that
wants to keep your network safe from
intruders. Users have a vested interest in
ensuring that their sensitive data is kept out
of malicious hands and that means that the
government is likewise interested. Federal
and other government rules exist to help
ensure data security, and businesses and
other organisations are expected to comply.
Regulations (such as HIPAA, ISO and PCI
DSS) may seem like an extra hassle, but
they provide a number of reliable network
security best practices around policies and
procedures that can keep your customers
and your business safe. If you want to keep
your network secure in 2019 and beyond,
don’t let your compliance slip.
6. Establish a security policy
Sometimes setting clear expectations
and guidelines for your employees can
mean the difference between secure and
unsecure networks. This will help network
users better recognise what is, and what
is not, acceptable user behaviour. Perform
a network security risk analysis and see
what areas your policy most needs to
cover. Of course, guidelines are only
useful when employees internalise them.
Given the massive amounts of employee
onboarding most organisations put their
new hires through, it’s not surprising that
many employees fail to give
network security policies more than a cursory
glance. To make sure that employees are
contributing to network security, provide
on-going security-policy training, including
what to do in real-life situations. Also, keep a
security-policy expert on-hand, so that when
users need further clarification they have
someone they can go to.
8. Don’t forget about third-party users
Many businesses outsource to third-party
contractors, and that often means that
those contractors need some level of access
to the organisation’s network. That said, if
internal employees represent a major threat
to your network security, then third-party
users are at least as dangerous. Allowing
third-party contractors network access
increases the number of system access
points, and in turn creates more potential
entry locations for malicious attacks. If you
work with contracted employees or agencies,
never allow them more data access than
is absolutely necessary. At the same time,
carefully evaluate any contractors before
you commit to work with them. If they are
compliant with regulatory requirements,
and if they follow effective security policies,
they’ll be less likely to turn into a liability.
9. Educate your users
Network security best practices can help
you create an effective plan of defence
for your vital data, but if your users aren’t
doing their part, then your network will
always be vulnerable. This means that if
you want to secure your data, you need to
secure the users who access it. Train your
employees on how to recognise and report
specific threats, create strong passwords,
and use and access data correctly. Your
security best practices are only as good
as those who follow them. Educate your
employees on how to protect your network,
and you’ll have another reliable line of
defence between your data and the threats
that could compromise it.
7. Always back up your data
One important thing to remember about
digital information is that it can be copied.
This means that at any given point in time,
your organisation can create a backup –
essentially a detailed snapshot – of your
network data. By then maintaining that
data separate from the rest of your network,
you’ll have a recent version of your data
to fall back on in the event of a damaging
cyberattack. Despite this, only about half
(51%) of businesses keep a data backup,
and only 36% of enterprises back up their
business data completely. Regularly back up
your entire network, so that no single breach
has the capacity to completely obliterate the
information your company depends on.
Prevention is always the best
network security plan
By the time you discover that your
organisation has suffered a data breach, the
damage will have already been done. This
is why it’s so important to prepare ahead of
time. After all, in terms of network security,
an ounce of prevention is worth far more
than a pound of cure.
To help your organisation develop an
effective security posture to deal with any
threat that comes your way, check out
Gigamon intrusion prevention solutions,
and secure the network data that supports
your business.
www.intelligentcio.com