Creating, upgrading, and maintaining you network is a full time job. But are you doing everything available to secure your network against cyber threats? Maintaining your network is the easy part. Securing it takes a little more thought.
Let’s start with your software. Legacy software can be described as any program that uses older technology. Generally speaking, not only is it hard to update legacy software, that software typically must use older hardware to run. And the combination of old software that hasn’t been updated and old hardware is a recipe that hackers love to exploit.
If you’re still using Windows XP… stop it, already. Windows XP is no longer supported and hackers know that there’s still a huge installed base out there. 1 + 1 = you’re increasing your chances of getting infected or hacked if you don’t upgrade to the latest OS.
Yeah, Windows 10 has its quirky bits, but what Windows OS doesn’t? Going to Windows 10 will improve your PC security and it looks and acts enough like XP that there really is no learning curve. (Don’t even get me started on Windows 8!) Saying that, one of the easiest ways to minimize your chances of bad stuff happening to your network is to ensure that you’re using the latest fully updated operating system and your applications are also up to date.
So, you have the latest OS and you’re running everything on newer hardware. What happens if, even in spite of your best attempts at securing your network, one of your computers becomes infected with a virus, or worse… ransomware?
Three words… backups, backups, backups. If the data is mission critical, then not backing it up is just asking for something bad to happen. If you have to re-image a computer on your network because it has been hacked or infected, then having a recent backup can mean the difference between success and getting eternally ridiculed from everyone at the office.
Just backing up is not enough. Once the data is backed up, it should be taken off site.
If you’re backing up your data on a USB drive, ensure that the drives are disconnected from the computer after the backup completes. That way, if the computer becomes infected, the backups will be safe. Even more, once the backup is complete and the USB device is disconnected from the PC, the backup media should be removed from the current location. If your office experiences a catastrophic event, then your backups will still be intact.
The most efficient way to do this is to have a cloud-based backup solution. That way, all of your backed up data is stored at another site, usually in a geographically different location. Cloud-based backup solutions are, obviously, fee-based solutions. But the ability to quickly restore your data and get up and running is priceless.
Network security is also as simple as educating your employees. A well designed and implemented acceptable use policy would explain what employees can and cannot do regarding the hardware and software in your office. It’s also a good tool to use to make your employees aware of what they should (and should not) do in the event of a suspected hack, breach, or infection.
Even the best anti-virus, anti-exploit, anti-malware, and anti-ransomware is only as good as the person using the PC. Social engineering can defeat security software. Employees should be educated in how to recognize phishing attempts, suspicious looking websites, etc. that can be used to gain unauthorized access to your data.
And don’t forget about face-to-face and telephone conversations. People who engage in social engineering are good at making you feel at ease. They’re pros at making you think the questions they’re asking or the access they’re requesting is legitimate. They may drop names of your supervisors, or act as though there’s a sense of urgency. But an employee education program can train users on how to spot attempts at social engineering being used to gain access to your data.
Now, here’s the difficult and (probably) expensive part… securing access to your network with network-wide hardware/software solutions. Obviously, the firewall is the gateway to your network. Having a robust firewall that also provides content filtering, anti-virus/anti-malware, and intrusion prevention goes a long way toward securing your network environment.
Of course, the newer firewalls that provide these services are pricey. I’ve seen it first hand that many managers don’t want to, or can’t, spend a few thousand for a piece of equipment that they never see. And if people don’t see a piece of equipment at work, they generally don’t realize the benefit of having it… until it’s too late.
Along with the next generation firewalls, an enterprise-level anti-virus is essential. Many companies will put free anti-virus software on their computers. They’re free, so there is that. And they do detect incoming viruses. But that’s about the only benefit.
The problem with using free anti-virus titles is that the act as though they’re independent installations. And they are! It comes down to simplifying your administration. If you have 20 PCs running stand-alone anti-virus software, then you have to constantly check 20 different computers to ensure that the software is fully updated and that you have no viruses.
With an enterprise-level anti-virus solution, you’ll commonly have a dashboard from which you can check connected systems, software update status, infection status across ALL computers on the network, etc. Having this solution will ensure anti-virus consistency across your network. And that means less work for you!
But with today’s threat environment, just having an anti-virus solution may not be enough. In addition to your anti-virus, you may need to add some software to address specific issues like malware and ransomware. A multi-factor approach to security is always the better option.