10 ways to avoid a Wikileaks or NSA-style data breach

While no network is 100 per cent impenetrable, there are several ways small businesses can shore up network security and prevent their own “Wikileaks”:

1. Take a Multi-Faceted, Layered Approach

Network security is not just about having an antivirus program running on every desktop. It’s all-inclusive. This means any node on your network, wireless and wired, must be protected. It also means you have compliance rules that govern anything that is allowed to connect to your network. You must also have protective measures for data both at rest and in transit. This means protecting not just data on servers and user machines, but data that goes in and out of your network, with security methods like encryption. Finally, you’ve got to keep control of mobile devices on your network as well as which USB devices may or may not have access.

2. Create, adhere to and maintain a security policy

No matter the size of your company, best practice dictates that the first step is creating and documenting a security plan. This is required by regulations like HIPAA, but it’s actually a good idea for any business with a network. Educate and familiarise employees with the plan. Keep it updated as you add and deploy new technology on the network, or when new technologies like the iPad emerge. Most importantly, adhere to it.

3. Protect the perimeter

Third-party application or appliance firewalls (separate from the default firewalls found in OSes and routers), Unified Threat Management devices, and Intrusion Detection/Protection systems (IDS/IPS) are all parts of a layered, comprehensive security solution.

Purchase the best devices you can, as these technologies can help protect against DDoS attacks, snooping and other external threats. Zyxel offers a UTM appliance for the SMB, as does eSoft. Juniper and Dell have partnered to deliver the J-SRX Services Gateway Series. Cisco and Juniper also offer many firewall and IPS/IDS solutions. Many SMB security devices are designed to be easily deployed without the need for dedicated IT support.

4. Secure endpoints

It’s vitally important to cover your network endpoints. What’s an endpoint? Any single thing that can attach to your network, whether it’s a server or a USB drive. Pay particular attention to those small portable devices like USB and external hard drives. They can be carriers of threats, sneaking them into and out of your business’ network.

For years, network security admins considered networks as closed, unified entities, and designed their defensive strategies accordingly. With the proliferation of portable devices, you’ve got to consider your network as an expandable, mobile one. That’s why endpoint security is crucial. Patching endpoints, performing vulnerability assessments, remediation, and enforcing corporate compliance are all part of effective endpoint security.

5. Implement Data Leak Prevention

DLP is software or devices that can aid in preventing data theft from within an organisation. It does so by allowing network administrators to lock out unauthorised users from USB and FireWire devices, prevent users from connecting PDAs or any other plug-and-play devices, and define and control data retrieval policies. One example of a DLP solution is DeviceLock.

6. Adhere to corporate compliance

Corporate compliance isn’t the same as a security policy. A policy is your network’s laws, whereas compliance refers to their enforcement. For example, enforcing compliance means preventing any PC or laptop from accessing the network if it doesn’t have the security patch specified in your policy. Products such as Trend Micro Worry Free, Symantec Protection Suite for Small Business and McAfee Total Protection for Endpoint are all focused on securing the endpoint.

7. Don’t forget user security

Security problems can originate from what’s in between the keyboard and chair: end-users. Restricting what users can and cannot access (maybe using a Web filter to prevent Facebook access during work hours, for example) can stop nasty bugs from entering your network.

Don’t run a free-for-all network; force users to authenticate into the network, whether it’s a wired Windows Domain using Active Directory, a SQL Server or a wireless router.

For organisations with highly sensitive data, there are third-party solutions like RSA SecurID, which provides two-factor authentication for users to access network resources. Implementing authentication lets you keep tabs on who is accessing what and when they can access it, and helps keep hackers out.

No matter how effective you are in securing a network, you still have to contend with end-users, who often inadvertently cause the biggest security breaches. Educate users about security and policies.

8. Smartphones and mobile devices need security, too

Threats are still largely endemic to the Windows ecosystem. That doesn’t mean other devices, such as Apple products and smartphones, should be left unsecured, however.

Treat them as you would treat any other endpoint and ensure they comply with your security rules. For example, only allow them to connect to your network if your endpoint solution detects that they have antivirus installed.
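The policy-versus-enforcement distinction from tip 6 and the rule above for smartphones can be expressed as one admission check. This is an added example, not part of the original article or of any product it names; the patch IDs, device kinds and fleet are constructed placeholders, and the choice to quarantine anything with unknown status is an assumption of the example.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Endpoint:
    name: str
    kind: str                             # e.g. "windows", "smartphone"
    patches: Optional[frozenset] = None   # None: agent reported nothing
    antivirus: Optional[bool] = None      # None: status unknown

# Hypothetical policy: patch IDs and device kinds are placeholders.
POLICY = {
    "windows": frozenset({"PATCH-A"}),
    "smartphone": frozenset({"OS-UPDATE-1"}),
}

def evaluate(policy, ep):
    """Return (decision, reasons); anything unknown fails closed."""
    reasons = []
    required = policy.get(ep.kind)
    if required is None:
        reasons.append(f"no policy for device kind '{ep.kind}'")
    elif ep.patches is None:
        reasons.append("patch inventory not reported")
    else:
        missing = sorted(required - ep.patches)
        if missing:
            reasons.append("missing patches: " + ", ".join(missing))
    if ep.antivirus is None:
        reasons.append("antivirus status not reported")
    elif not ep.antivirus:
        reasons.append("antivirus not installed")
    return ("quarantine" if reasons else "admit"), reasons

# Constructed fleet for the example.
FLEET = [
    Endpoint("hr-laptop-01", "windows", frozenset({"PATCH-A", "PATCH-B"}), True),
    Endpoint("sales-laptop-07", "windows", frozenset({"PATCH-B"}), True),
    Endpoint("ceo-phone", "smartphone", frozenset({"OS-UPDATE-1"}), False),
    Endpoint("guest-tablet", "tablet"),
]

def admission_report(policy, fleet):
    """Map each endpoint name to its (decision, reasons) pair."""
    return {ep.name: evaluate(policy, ep) for ep in fleet}

if __name__ == "__main__":
    for name, (decision, reasons) in admission_report(POLICY, FLEET).items():
        print(f"{name:16} {decision:10} {'; '.join(reasons)}")
```

The last device shows why the check fails closed: a device kind the policy never anticipated is quarantined rather than admitted by default.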

A recent study showed that, yes, you do need security on smartphones and assessed four different mobile phone security solutions. You may think the potential for being hacked via your cellphone is remote, but at the very least you’ll want some software on your handsets that lets you lock them down should they be stolen.

9. Don’t set it and forget it

There are a number of routine network housekeeping tasks that should be part of your security strategy. Keeping all of your software updated is one. This not only includes Windows Updates and patches for servers and clients, but applications, firmware upgrades on routers and switches, and pertinent updates for smartphones on the network. Many of these updates contain security fixes and patches.

Keep a handle on updates and patches with a solution like GFI LANguard, which offers patch management. Also, as users come into and leave your network, be sure to remove or disable (depending on your corporate policy) their access to the network and its resources.

10. Watch the watchers

Anyone responsible for maintaining network health and security, from the CIO on down, should be part of a checks-and-balances system where no one person has sole knowledge of passwords or network activity.

There are several third-party security vendors, such as Guardium, who make devices that will log all activity happening on a database, including alerts for changes made by administrators. Log files should be enabled for major transactions and network activity and regularly inspected.
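The inspection described in tip 10 can be sketched as a small log review that flags changes made by administrators and routes each alert to someone other than the person who made the change. This is an added example, not from the original article; the key=value log format, account names and statements are constructed and do not represent any vendor's output.

```python
import re

# Constructed sample lines in a made-up key=value format (not any vendor's).
SAMPLE_LOG = """\
2024-01-10T09:12:03Z user=app_svc role=app stmt=SELECT * FROM orders WHERE id=42
2024-01-10T23:41:10Z user=dba_kim role=admin stmt=GRANT ALL ON payroll TO temp_user
2024-01-11T02:05:44Z user=dba_lee role=admin stmt=select count(*) from payroll
2024-01-11T02:06:01Z user=dba_lee role=admin stmt=  drop table audit_trail
this line is truncated or malformed
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) stmt=(?P<stmt>.*)$"
)
# Statement verbs that change schema, privileges or data.
CHANGE_VERBS = {"GRANT", "REVOKE", "ALTER", "DROP", "CREATE",
                "INSERT", "UPDATE", "DELETE", "TRUNCATE"}

def admin_change_alerts(log_text, reviewers):
    """Return (alerts, unparsed_lines) for changes made by admin accounts.

    Each alert is assigned a reviewer who is not the actor, so nobody
    signs off on their own change; reviewer is None if no one else exists.
    """
    alerts, unparsed = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            unparsed.append(line)   # a gap in the audit trail is a finding too
            continue
        words = m["stmt"].split()
        verb = words[0].upper() if words else ""
        if m["role"] == "admin" and verb in CHANGE_VERBS:
            others = [r for r in reviewers if r != m["user"]]
            alerts.append({"ts": m["ts"], "user": m["user"], "verb": verb,
                           "reviewer": others[0] if others else None})
    return alerts, unparsed

if __name__ == "__main__":
    found, bad = admin_change_alerts(SAMPLE_LOG, ["dba_kim", "dba_lee"])
    for a in found:
        print(a)
    print("unparsed:", bad)
```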