Almost daily, we hear about another well-known company experiencing a data breach. Hackers are repeatedly successful at exploiting vulnerabilities in the network to make off with the personal information of thousands of customers. These breaches end up putting the customers at an increased risk of identity theft while also negatively impacting the reputation of the company. Instead of waiting to become the next company involved in a major data breach, take the steps below now to strengthen the security posture of your company’s network.
Physically protect network devices
Network communication lines, servers, routers, firewalls, and switches should be stored in a server room or otherwise secured in a locked area to prevent unauthorized tampering with these devices. Only authorized staff such as IT and cyber professionals should be allowed access to those rooms.
Harden servers, firewalls, and routers
Remove any unnecessary network services and close or block traffic from unused ports. Limit incoming and outgoing traffic to needed services and use encrypted communication channels whenever possible.
Keep applications updated regularly to apply any security patches to protect from compromise through unknown vulnerabilities. Also, ensure that applications are properly configured and run under the least-privileged account necessary (not every application should run with administrative or root-level access).
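The hardening steps above can be checked with a short script. The following is an added example, not part of the original article: it compares a host's listening sockets against an allowlist of needed services and flags well-known cleartext protocols. The sample `ss -tulpn` output, the allowlist, and the function names are assumptions constructed for illustration.

```python
import re

# Constructed sample of `ss -tulpn` output; not captured from a real host.
SAMPLE_SS = '''\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      511    0.0.0.0:443        0.0.0.0:*         users:(("nginx",pid=1020,fd=6))
tcp   LISTEN 0      5      0.0.0.0:23         0.0.0.0:*         users:(("inetd",pid=640,fd=4))
tcp   LISTEN 0      128    127.0.0.1:5432     0.0.0.0:*         users:(("postgres",pid=900,fd=5))
tcp   LISTEN 0      32     [::]:21            [::]:*            users:(("vsftpd",pid=700,fd=3))
udp   UNCONN 0      0      0.0.0.0:161        0.0.0.0:*         users:(("snmpd",pid=750,fd=6))
'''

# Assumption: the only services this host needs to expose.
ALLOWED = {("tcp", 22), ("tcp", 443)}
# Ports conventionally used by cleartext protocols (a port-based heuristic).
CLEARTEXT = {21: "FTP, use SFTP/FTPS", 23: "Telnet, use SSH", 80: "HTTP, use HTTPS"}
LOOPBACK = ("127.", "[::1]")  # listeners bound here are not reachable remotely


def parse_listeners(ss_output):
    """Return one dict per listening socket found in `ss -tulpn` text."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():  # skips the header row
            continue
        proc = re.search(r'\(\("([^"]+)"', line)
        listeners.append({"proto": fields[0], "addr": addr, "port": int(port),
                          "process": proc.group(1) if proc else "unknown"})
    return listeners


def audit(listeners, allowed=ALLOWED):
    """Return (proto, port, process, reason) for each exposed listener to fix."""
    findings = []
    for l in listeners:
        if l["addr"].startswith(LOOPBACK):
            continue
        if (l["proto"], l["port"]) not in allowed:
            findings.append((l["proto"], l["port"], l["process"],
                             "not in allowlist: disable the service or block the port"))
        if l["port"] in CLEARTEXT:
            findings.append((l["proto"], l["port"], l["process"],
                             "cleartext protocol: " + CLEARTEXT[l["port"]]))
    return findings


if __name__ == "__main__":
    for finding in audit(parse_listeners(SAMPLE_SS)):
        print(*finding, sep="\t")
```

On a real host, replace the sample with the output of `ss -tulpn` run as root and set the allowlist to the services that machine is meant to provide.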
Install antivirus and antimalware
Antivirus and antimalware are great tools for discovering whether there are any viruses or other malware lurking on your machines and servers. These tools can catch, quarantine, and remove malicious programs before they have a chance to wreak havoc on your company’s network.
Segregate networks using a DMZ
DMZ stands for demilitarized zone and is used for protecting internal servers from external networks. This can be done by placing the internal servers behind a secondary internal firewall to decrease the chances of exploitation or access from external sources.
It is good practice to host servers on virtual machines. If a server ever becomes compromised, the malware would be localized to that particular virtual machine and it could be easily removed through the deletion of the virtual machine. Virtualization is also beneficial in that no harm would come to the underlying hardware.
Remove default usernames and passwords
If a hacker is able to determine what brand of technology is being employed in the network architecture, he or she can gain privileged access to the network by logging in with default usernames and passwords. A simple fix against such a scenario is to change the default username and password, which decreases the likelihood of the hacker being able to compromise the network.
Develop backup and recovery strategies
It is imperative that critical assets, data, and files are backed up on a regular basis. It is also important to have a recovery strategy in place so that in the event of a breach, impacted resources can be efficiently restored to prevent a major impact to the operational status of the company.
According to Heimdal Security, 41% of company data breaches are attributed to negligent or untrained employees. This alarming statistic underscores the need for companies to properly train their employees on how to recognize phishing emails and how to be suspicious when being asked to click on links. It doesn’t matter what kind of technologies or other protection parameters are in place if a hacker is able to convince an unwitting employee to click a link resulting in the possible downloading and spread of malware.
Run cyber simulations/scenarios
Building upon the previous tip, running cyber scenarios is a good way to ascertain if your employees are retaining the information that they’re being taught in training. There are several tools that will allow you to send fake phishing emails company-wide to see who will click on the link without verifying the sender or the URL of the link itself. Another scenario might involve leaving a USB drive labeled with something interesting such as “company secrets” or “executive salaries” in the bathroom to see which employees plug the drives into their computers. The drives could then download fake “malware” (such as a pop-up stating that they failed the scenario).
Ensure that third-party connections are protected
If your company contracts work to a third-party vendor, it is very likely that the vendor connects to your network in some way to perform their work on your data. Should the vendor’s network not be up to par, your company suffers a heightened risk of compromise at the hands of the vendor. To mitigate such risk, it is important to require that your contracted vendors’ networks meet either a minimal standard of protection or match your company’s protection level.
While no set of steps can guarantee that your company will be 100 percent safe from hacking, implementing these steps will bolster your company’s security posture and help to protect the network from cyber-attacks.