Your IT security team probably spends a considerable amount of time thinking about what their plans are if there is a network security breach. Sometimes the best offense is a good defense. Spending more time thinking about ways to adequately prevent intrusions is actually more productive than spending the same amount of time planning on “what if” scenarios. Your IT team should start thinking about ways to take a more proactive stance on security and work with the staff to prevent intrusions before they occur.
Are your users and employees aware of the way that their access can be exploited? If not they should be. Users are the first line of defense against hackers and intruders.
Users should be aware of the different attack vectors that hackers can use to get into the network. Encourage them to learn more about how phishing or spear phishing attacks work. Talk about how important strong passwords are and let them know that they are the ones who are responsible for network security. The more your users are aware of their roles and responsibilities the more secure your network will be.
Are your mobile devices encrypted? Laptop theft is one of the main ways that hackers can gain critical data or access to your networks.
If employees are provided with laptops for their own use or are allowed to use personal laptops on company networks, then you need to enforce an encryption policy on those devices. This will prevent any breaches due to theft or loss.
Does your team or a contractor run regular vulnerability assessments on your network? Spending time to look for holes in your existing infrastructure is an excellent way to find them before hackers do.
You should make vulnerability assessments part of your regular maintenance plan. This means doing them weekly, at most monthly. With the way that software changes, quarterly assessments are too little, too late.
Remember to do assessments not only on your external facing systems but your internal ones as well. Unfortunately, threats are just as likely to come from inside as they are from outside.
If your patching schedule consists of turning on Microsoft update and letting it run on its own schedule, then you need to rethink your IT security strategy.
Today’s networks are a conglomeration of all sorts of operating systems. You not only have Windows machines attaching to the network but Android, iOS and maybe even Linux. This means enforcing updates across all platforms and with all installed software. Don’t forget about patching Adobe, Flash, Java and other third party software on your network.
You do not want to be caught with a vulnerability that was patched three or four cycles ago simply because you only focused on one network platform.
If you need help setting up your IT security or with any aspects of network security then contact U.S Computer Connection today.