Learn the best practices to increase network security
Juan Camilo Ruiz
So far this year, AV-TEST (German independent research institute for computer security) has managed to identify just over a billion different malicious programs (malware) that seek the theft of sensitive information in corporate and personal accounts.
Compared to the metrics recorded during 2019 (1000 million detected malware) this year has managed to position itself as the most important in areas of computer security since the number of cyber-attacks that happened in 12 months has already exceeded the metric between January and February of this year.
With figures like the previous ones, It is clear that no one is exempt from being a victim of a cyberattack and that only those who are well prepared can face it. The time has come to devote more time to personal and corporate cybersecurity, and for this, we must generate habits that help improve network security.
Start with specific actions that enable more robust cybersecurity, or failing that, start your development always seeking to avoid being a victim of a cyber-attack, for which you can start with:
1. Create and ensure to maintain your network security protocol
Having a protocol of defined actions and procedures will help not only prevent cyber-attacks but also set the path to follow when the organization is facing a possible cyber assault. These policies must be documented and easily accessible to all members of the company.
It is also necessary to train staff regularly to ensure that everyone has the required skills to apply security policies, recognize sensitive information, security breaches, and possible information leaks.
If you want to measure the knowledge of your team in your information security policy, you can use questionnaires and surveys that help your staff to be aware of the risks, the best way to act, and the importance of their participation in compliance with security policies.
2. Promote a firm password policy
Perhaps this is the most prevalent habit regarding cybersecurity tips, and it is due to the high risk involved in assigning weak passwords to corporate and personal accounts. For example, having access codes for the convenience of your memory is a big mistake, as a cyber assailant uses programs that help you randomly generate some passwords based on Your personal information.
Create passwords of a complex nature, with at least 12 characters and that involve the use of non-sequential numbers, random capital letters, and special characters. Also, it is appropriate to update them with some frequency so that you can set an expiration of 60 to 90 days.
Remember: Avoid the use of personal names, friends or family, in addition to birth dates and contact numbers, this is the type of information that is readily available in public databases and social networks.
3. Keeping the system up to date is a crucial point
Having an updated policy implies for any cyber assailant a much more complicated attempt to access it since they usually base their attacks on old versions of the software. Therefore, periodically and frequently performs the update and installation processes of the latest versions of operating systems, drivers, antivirus, and other software for daily use in the company.
Likewise, it is necessary to modify the default security settings in the latest versions of each software to match them with your network policy.
4. Don’t forget the human factor
In technical terms, users can be configured as the weakest point of any network and are, therefore, the preferred targets of attackers. An example is the phishers, who can perform social engineering to gain confidence and get the user to download an attachment to an email that promises just what the user was looking for on the Internet.
However, that is not the only possible scenario; there is also the possibility that an employee with some resentment towards the company decides, from within the corporate infrastructure, to open a security breach that allows information to leak.
It is helpful to configure network privileges to block access to specific sites, generate filters defined and robust spam, and prevent the installation of software that does not meet the standards of the internal cybersecurity policy.
Key point: Computer security should include the joint participation of all employees of a company, so it is essential to continually train them and share with them the importance of corporate security policy. To make the training process more manageable, you can rely on posters, emails, workshops, videos, and drills.
5. It would be best if you had a reliable firewall
Each cybersecurity policy requires additional assistance specialized in continually monitoring and monitoring your network. For example, firewalls or firewalls prevent and are a protection mechanism to mitigate the chances of some malicious files entering the network.
Lean on your cybersecurity team or a specialized company to make the relevant settings, taking Always consider compliance with your company’s security policies. If you do not have a cybersecurity policy, you can consult with an expert that allows you to carry out the survey, definition, documentation, and promulgation of it.
Preparing yourself as a cybersecurity professional
The five previous tips can give you a sound security barrier that efficiently tolerates attempts to steal information. Still, there are some additional points that you can keep in mind if you are interested in raising the level of security in your corporate network a bit more, for example:
- Conduct frequent audits: review corporate security policies validating that your network equipment and infrastructure configurations comply with them.
- Physically secure the network: disconnect the Ethernet ports that are not required or will not be used and try to use locks to limit access of the general public and employees to places where they are Find the infrastructure components.
- Filter MAC addresses: this activity could prevent an internal employee within the network from generating a vulnerability. It will not stop an external cyber attack, but it is useful once it enters the network.
- Divide your network traffic using VLAN: an excellent idea to have more control over the corporate network is to segment it by type of traffic (general access, SAN, DMZ, and VoIP) or by type of user (employees, administrators, and guests).
A good example of standards for increasing network security is the guidelines of the protocols established by the Center for Internet Security (CIS) who publish best practices for cyber defense and lead communities that enable an environment of trust in cyberspace.
Delve a little deeper into computer security by adding to all the advice we have given you the use of 802.1X authentication and VPNs to encrypt Some specific servers.
Juan Camilo Ruiz
Juan Camilo is an electronic engineer, an expert in technology, telecommunications and digital transformation processes, and currently works as product manager in security and managed services at InterNexa for the entire region.