4 Min Read
I have a question for you: What are the most important things that you need to do to keep your network safe from attack? Odds are that, unless you have a fair amount of experience in IT (or, more specifically, in cybersecurity), that question is a little hard to answer. In fact, it’s probably the search for answers to that very question which lead you here.
While no amount of security will ever stop 100% of all attacks, you can significantly minimize your risk of suffering a breach and the fallout from such attacks by taking a few critical steps to secure your business’ network infrastructure, including:
1) Running a Network Security Audit
At its core, a network security audit is a process by which a company can investigate their network security policies and the various assets they have on their network to identify any potential deficiencies that might lead to a security compromise/breach. Many times, these audits are completed by a third party, such as a managed security service provider (MSSP), but some larger companies with more robust budgets can also run such audits using an internal cybersecurity team.
A comprehensive audit covers multiple review processes, such as:
- Firewall Architectures/Configurations. What kind of firewall solutions are in place and where do they rest on your network (at the perimeter, in between individual servers/assets)? Also, are firewall configurations up to date and free of conflicts that could be exploited by an attacker?
- Asset Identification. What kind of assets are on the network, and what kinds of software and operating system (OS) does each one run? Knowing what’s on your network is crucial for identifying potential weaknesses so they can be fixed—such as software that isn’t up to date with its latest security patch.
- Security Policies/Procedures. What standards does each of the people in your organization understand/follow when it comes to keeping your business’ data secure? Do you have a BYOD (bring-your-own-device) policy for using personal devices at work? How are security policies enforced? A review of all your security policies and procedures is crucial for keeping your data secure.
- Risk Assessment. After identifying all of the assets on your network and reviewing your security policies/procedures, what are the most significant threats that you need to take care of ASAP? Risk assessments help you prioritize your cybersecurity efforts to close your biggest gaps first.
This kind of cybersecurity audit is a crucial first step in securing a network infrastructure against potential intrusion attempts because it allows you to identify critical gaps in your security architecture so you can fix them. It can also help you to prioritize which of the following next few steps you need to focus on first based on the risks you’ve identified.
2) Conduct Cybersecurity Awareness Training!
The biggest weak link in any organization’s cybersecurity architecture is, usually, the organization’s employees—especially if said employees haven’t undergone cybersecurity awareness training. Employees who aren’t aware of the various threats found online may end up falling for phishing attacks, downloading viruses to their workstations, or using easy-to-guess passwords that let others hijack their user accounts.
Cybersecurity awareness training helps to plug the biggest gaps in your workforce’s knowledge—letting them know what the risks are and how to identify some basic phishing attempts. This can help harden the human element of your workforce against online attacks.
According to data cited by the Harvard Business Review, “60% of all attacks were carried out by insiders. Of these attacks, three-quarters involved malicious intent, and one-quarter involved inadvertent actors.” Considering this, providing cybersecurity awareness training can help curtail a significant portion of cyberattacks.
3) Limit User Access Privileges to the Minimum Necessary for Work
If three-quarters of insider attacks are malicious, or carried out purposely by users with legitimate access, how can your organization prevent such attacks or limit their impact? One solution is to apply a policy of least privilege (POLP) to every user account on the network.
Under a POLP, users on the network are restricted to having only the minimum level of access that they need to perform their core job function. The major benefit of this is that it helps to dramatically reduce the risk of an insider stealing data—especially if your network assets are strictly isolated from one another. By limiting access, you can limit the amount of data an employee can compromise without having to breach other defenses—which gives your intrusion detection system (IDS) more of a chance to detect the abnormal activity.
4) Patch Your Software ASAP!
Another major security vulnerability is unpatched software on the network. Companies are constantly finding and fixing security flaws in their software and systems—flaws that give hackers a way past otherwise solid defenses.
While many panic over the “zero-day” exploit—that vulnerability which the original software developer doesn’t know about that hackers can use with impunity—the truth of the matter is that the most-frequently used exploits involve older, known security issues that already have fixes available. In fact, according to data from 2016 cited by CSO online, “out of all detected exploits, most came from vulnerabilities dating to 2007. Next was 2011. Vulnerabilities dating to 2003 still account for a large portion of hacks of Microsoft software.”
So, one of your top priorities after a security audit is to look at the list of software on each of your network assets and make sure that they all have the most recent security patches—especially if the software version is years out of date. If you have software that is no longer supported by the original developer, it may be time to uninstall that software and replace it with a newer program that has up-to-date protection.
5) Review Your Cybersecurity Tools
Does your organization have the right tools in place to sufficiently mitigate your network’s cybersecurity risks? While you don’t have to pick up every cybersecurity tool on the market to protect your business’ network infrastructure, you should at least cover the basics needed for mitigating risks and covering the regulatory obligations specific to your industry.
But, which tools should you add? This is a question that a cybersecurity audit should help you answer—along with some input from a trusted cybersecurity advisor. In the audit, you would have compiled a list of the various assets on your network—including the individual cybersecurity tools on the network (firewalls, IDS/IPS, antivirus, remote backups, etc.) that you can use to respond to your biggest threats.
The truth is that a blog article like this won’t be able to tell you which solutions are the best for your needs right now—it takes a careful assessment of your resources and goals to find the cybersecurity tools that will be the best match for your company’s particular situation. If you need help finding the right tools to protect your business, contact the experts at Compuquip Cybersecurity for advice any time!
We have years of experience in helping companies of all sizes and industries minimize their cybersecurity risks, and we believe in a “technology agnostic” approach to choosing cybersecurity tools—meaning we pick technologies based on how much we think they’ll help you and your business, not just because they’re shiny and new.
For more help securing your business' network, sign up for a free checkup at the link below:
Keep Your Network Secure!
Follow along this network security audit checklist to protect your business.