It’s a given that computer networks are the backbone of every modern business’s day-to-day operations. Now, more than ever it’s crucial that you’re aware of the potential threats your network faces and understand and implement good business practices to protect it.
Computer networks interlink your colleagues, customers, suppliers and business partners and enable companies to respond instantly to business events, whether they’re sales or supply chain problems. Your network carries information of the utmost importance to the business including highly sensitive financial and customer data.
With this in mind, it’s imperative to examine the security of your network and protect it from any potential threat. These might come from within your organisation, from careless or malicious workers, or from outside your network, via organised criminals, opportunist hackers or individuals who want to harm your company.
Fortunately, technology and good business practices offer a range of means to protect your network from attack..
Web wise
In terms of best practice, most businesses are aware of their responsibility to educate their workforce on how to use the web at work, make sure they know they must avoid suspicious websites, be wary of downloading email attachments and always protect their passwords and private information. In these security conscious days, certain organisations have taken protection a stage further and have opted to limit the use of storage media such as USB keys and even block certain websites, for example social media, banking and shopping sites.
Technology fortunately offers robust protection against malicious attack. Your first line of defence should be a good company firewall. A business can choose to operate its own firewall, or use a managed firewall service.
Firewalls can take many forms, from a piece of the IT or network designed to block unauthorised access while allowing authorised communications, through to a server or hardware appliance, running software that follows a specified set of security rules.
Some firewalls, such as packet filters and proxy servers, check each bit of information coming onto the network, including emails, whilst others, application gateways, will control access to certain key software programs.
Your network can be secured further through the use of a Virtual Private Network (VPN), of which there are several types, including Internet Protocol Security (IPSec) VPNs, Secure Sockets Layer (SSL) VPNs and Internet Protocol (IP) VPNs.
A bonus of technologies like these is they that enable your workers to access the network securely from outside the building as well as within, by encrypting information sent over the networkPictures? Perfect.
Access all areas – securely
Applications can be accessed securely via a software client program or web browser, from a home office, smart phone, web café or hotel. Accessing information remotely frees your colleagues to be more flexible and productive. And from an IT point of view, it does away with the financial and technical headaches associated with traditional leased-line wide area networks, or configuring secure computers for each remote worker.
Like traditional firewalls, VPNs generally come in the form of server-based products or appliances, but can also be provided as managed services.
From a business and IT point of view, the difference between IPSec and SSL VPNs is that IPSsec, an older technology, secures all the data between the company’s IT system and the user, which means the client computer can potentially access the entire network. This, however, opens the network up to a level that some will find unacceptable. But by providing a secure, private tunnel between devices, multiple employees, clients and business partners can be granted access to the network.
Compared with IPSec, SSL VPNs offer more precise access control to applications, creating a tunnel between the user and the internal program. It’s also easier to provide different access rights to different users, and control who gets to see what.
Another difference is that IPSec VPNs usually require client software to be installed and configured. From an IT perspective this means an increased workload.
On the other hand, SSL VPNs use a normal web browser to access the company's network. This is preferable for most workers. From a technical point of view, applications need to be web-enabled so they can be used by SSL VPNs, so this is a consideration for the IT department.
IP VPNs are another option. They are managed by a service provider which means less work for the business user. Another plus is that they are highly secure, flexible and scalable.
Cutting edge technology
Another way to boost your network’s security is with physical security, such as card-based two factor authentication. Popular hardware security tokens like RSA SecurID generate unique passwords every few minutes which need to be input along with the physical key, for extra security.
Biometric fingerprint recognition is one of the latest forms of hardware security and is now available on laptops and desktop PCs. This works by using a password along with a scan of each user’s unique fingerprint.
IP CCTV is an option that enables you to use your network to protect itself, by running video feeds over the network to monitor office security.
The great thing about IP CCTV is that it runs over the public Internet, so you can monitor your building from your home, or even via a smart phone.
So, get it right and your Network security doesn’t have to be a big, fat headache anymore.
