Most folks seem to understand what a firewall is and why it is so very important. They intuitively understand that they need something between the “trusted” internal computer network and the wild west we call the Internet! The installation of a firewall is generally something all business do, from the wireless network at the local coffee shop, to the medium size law firm and the giant multinational distributed enterprise. The barbarians are at the door, but with a firewall we all feel protected! The largest percentage of cyber security risks, however, do not come through the front door and your firewall will never see them enter. The largest risk to the security of your network comes from the employees and guests allowed, either connected by wire or wireless, to attach to your corporate network.

As a CISCO Certified Security Professional, we do a great deal of work in the area of computer network security. When called on to do a “Security audit”, “voice readiness” or “network assessment”, the first question we ask executive management is where is your AUP? After all we can tell you what protocols are running around on your network and even which user is consuming the most bandwidth. We can not, however, tell you if they are allowed to use that bandwidth! The creation of an “acceptable use” policy (i.e. AUP) is an essential first step in network security. The AUP communicates to all network users what is supported and what applications are allowed on the network. It describes what is acceptable regarding personal email, blogging, file sharing, web hosting, instant messaging, music and video streaming. It defines what is activity is strictly prohibited on the network and clearly outlines what constitutes “excessive use”. The computer network is a valuable corporate asset and as such it needs to be valued, protected and secured.

Does your company have a network access and authentication policy? What is the “password” policy? Do you even need a “password” to use the company network? Can anyone just come in and plug whatever phone, pad or computer device they happen to have into the company network? What is the data storage and retention policy? Do you allow VPN tunnels that extend your company network to a home office or coffee shop? Do you allow your users to connect third party provided equipment to your network? Is it acceptable that Bob just added a hub to his office network connection so he can plug in his own printer? How do we feel if Bob plugs in his own wireless access point? Do we have a “guest” network and do we let those folks know what is acceptable on your network?

What are the legal ramifications and liabilities you are exposed to if you are providing a computer network as part of a lease agreement? Are you liable for damages if your computer network is unavailable or “down for any reason? If Home Land Security shows up because your company’s public IP address was traced as originating a terrorist treat, do you have the user agreements in place to mitigate the costs you are about to incur defending your good name and reputation?

Computer network security is more than a firewall. A computer with an Ebola virus, Adware or nefarious RAT (remote access terminal) will infect all computers on your network, threaten your corporate data and render your firewall as useless as a screen door on a submarine. If your company has taken the prudent step of providing a Human Resource or employee manual that spells out the company’s position on work force violence, sexual harassment, vacation day accrual and drugs in the workplace, why don’t you have a manual that defines the acceptable use of your most vital corporate assess, the computer network?

With so many unfortunate–and costly–data breaches making headlines today, it’s vital for businesses to safeguard their vital information with reliable security measures. By incorporating the following tips into your platform, you can better protect your company data for a more secure operation.

Create Secure Passwords

Be sure that you instruct your employees to create strong passwords. Security experts suggest that you “use an 8-12 character combination of capital and lowercase letters, numbers and symbols. Also, be sure every employee changes his or her password at least once every three months.” (1) Employees should also refrain from using personal names or birthdays in their passwords.

Use Security Controls

Businesses can adopt any number of security controls. For instance, a firewall is a good line of defense for your data. Moreover, investing in check-writing software will “cut operating costs, reduce operational risk, and improve customer service.” Remember that all devices that connect with your network must have security controls in place to reduce the risk for breach.

Invest in a Security Audit

If you’re not a security expert, you should hire one to perform an audit of your business’s security. An expert can locate the gaps in your security and provide you with effective solutions for shoring them up. If you don’t have an IT expert on staff that can advise you about maintaining strong levels of security, you need to hire a consultant who can provide you with this essential information.

Employee Training

Many security breaches occur because employees are lax about practicing security procedures each and every time. It’s important for companies to train their employees about respecting security measures and upholding them at all times. Make sure that you create excellent policies and procedures to govern your employees about how to deal with data. It’s a good idea to have a training workshop to review security procedures with both new and existing staff members. Make sure your employees understand that they are a vital aspect of your data protection plan.

Encrypt Data

If your data is stolen–and this is common given the wide array of devices used to access your network–you still have protection if your data is encrypted. Make a habit of encrypting all company data stored on everything from laptops to mobile phones.

Back up Your Company Data

If you routinely back up your data, you ensure that it will be there should a virus come along and wipe out your information. Many businesses are now using the cloud platform to store their data securely. In the event that your business suffers a natural disaster or a computer is stolen, you’ll still have that backup data to rely on.

If you consistently follow these tips, you can more effectively protect your valuable company data. Never take your security for granted. Even large companies have been caught off guard by data breaches. By following these tips, you can ensure the integrity of your data and protect the reputation of your business.
Article Source: http://EzineArticles.com/8794070
Photo Source: http://pixabay.com/en/users/Picography-361976/