Best Practices for Network Security
I have learned that by using and implementing best practices, I can keep the department aligned with the overall company strategy. It also makes it easier for other managers, directors and higher level management to buy into the vision and goals for the Information Technology Department as they see how it fits easily into the overall company strategy.
There are many best practices in the Information Technology field and it is up to you, as the Certified Information Professional, to use your knowledge to find the correct strategy for your company and figure out how to protect its assets.
Best Practices in Network Security
The best way to have Network Security is by securing the client network systems and your servers. You can learn more about the “how to” for Windows Server Security in Microsoft Certification Courses such as Windows 2016 Server Administration as well as Windows 2016 Server Networking, which can be viewed through INE's All Access Pass.
1. The first step to anything is planning, review and implementation
I believe that one of the most important things that a certified professional in the Information Technology field can do is plan, do more planning, then review and revise the plan. It is a good idea to study best practices of similar companies to get ideas. Continue to revise and modify your plan until you have a solid base across all parts of the Information Technology setup. Once you have done that, it is time to roll it out.
2. Implement and enforce passwords and password rotation
One of the first steps you should take as part of network security is to enforce passwords and password rotations across all systems.
3. Understand and explain the threats to users
As a Certified Network Professional, part of your job could be enforcing security and explaining its importance to protect not only the company, but also protect themselves as users on the network. Part of your job may also be getting “buy in” from end users on the steps needed to protect the company’s data and network. A report from Symantec’s 2017 Internet Security showed that 1 in 131 emails worldwide were infected, and 30% of them were opened (Garrison, 2017). Think about how many company emails go through your systems every hour. Also think about how often users open their personal email accounts while at work, which adds even more potential security issues.
A report on CyberCrime done in 2017 (Ponemon Institute LLC and Accenture, 2017) shows that the average cost of a malware attack on a network is $2,400,000; Yes $2.4 million dollars, with an average time of 50 days to resolve insiders attack, and 23 days for ransomware attack. One of the things you will learn as you become a Certified Network Professional are the necessary steps needed to minimize company risk. Can your company afford to pay that or be down that long?
One of the advantages of having multiple certifications is that it shows your employer or customer that you take your job seriously, that you are truly a professional in the field, and that you are familiar with those best practices. It shows that you are not only relying on your personal knowledge, but also the knowledge of other industry professionals and that you follow best practices in general.
4. Protect the operating systems and all devices connecting to the network
One of the best practices for all client systems, regardless of what type of units they are, is a corporate antivirus package that is setup for a forced install on every system. You can force the system to install and update at every login or every time it connects to the network. This is very important for remote access users and bring your own device (BYOD), as you have no control over what network they are connected to, or what they bring into the company. This can be a very visible reminder to your users that the Information Technology department is working to protect the company. You must pick the package that works best for your company and consider what works for a law firm and their needed software may not work for an engineering firm that works with 3D C.A.D. software. One of the best practices is to find the software package that has minimum impact on the client systems, you do not want to slow down the work employees are doing.
5. Best practices in specific areas of your company
A best practice that I have found very useful is internal quarterly audits of the Network. This means we take the information from the monthly reports and go over them not just to find any current issues, but to figure out what adjustments need to be made to protect the company assets. As you expand your skills and become a Certified Security Professional, you will use your knowledge to plan and make recommendations on what changes need to be made 30, 60, 90 days, even a year in the future.
6. Create policy on personal devices
Do you allow employees to connect personal devices to the company Wi-Fi for internet access? How do you stop them from downloading information from the Network to their personal devices?
If you allow personal devices on the network for internet access you will need to implement a robust internal firewall strategy, as well as the standard external firewall setup.
7. Use physical and logical network separation
One of the best practices when using IPV4 is to utilize subnets and routers to logically break up the network so if one section is infected, you minimize the chance of it moving to another part of the company. Also, you will want your Wi-Fi network to be physically and logically separated with subnets from the rest of your network. The knowledge you gain through certifications such as Microsoft Windows Server 2016 Networking 70-741, as well as CompTIA Network +, will help you use tools like subnetting to protect your network.
Another best practice is to physically separate parts of your network so different departments are on different physical switches using routing to communicate between the different networks.
8. Your job never ends. Test, protect, plan and make adjustments
Once you have your network up and running with protections in place, how do you know that it is working properly? You will need to test it constantly. You can get this knowledge on how to test your network through certifications such as CompTIA Security + and Pentest +.
By using these and other industry best practices, along with the knowledge gained through your certifications, you will be able to create policies and rules that protect the company, your network and your sanity.
Garrison, T. (2017, Oct 4). Four Best Practices for Enterprise Cybersecurity in 2017 . Retrieved from Intel IT Peer Network: https://itpeernetwork.intel.com/four-best-practices-enterprise-cybersecurity-2017/
Ponemon Institute LLC and Accenture. (2017). Cost of CyberCrime Study: Insights on the Security Investments that Make a Difference.Retrieved from Accenture LLP: https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf