You can not spend some time securing your computer and the network it sits on and then walk away. Threats are constantly evolving and increasing so security is an ongoing battle.
1: Upgrade your antivirus
I’m always shocked when I see antivirus tools that are out of date or worse yet, expired. This goes for applications and virus definitions. When using Microsoft Windows, it’s critical to keep all your software versions as current as you possibly can. Keeping antivirus up to date is the only way to help protect vulnerable machines from malicious software and files. Another critical step for security is using proper anti-virus you pay for rather than a free package. See here for info on Free anti-virus verses paid anti-virus
2: Block users from installing software
This is a massive step towards making your network more secure. Yes, it can be a pain when users actually need a piece of software installed and the administrator has to put in the password to allow it but it is worth the pain. It is not always software that users want to install but often software is installed without them realising it. You’ll have far fewer viruses and less malware to deal with than you would if the users were allowed to install at will.
3: Switch your browser
As browsers go, Internet Explorer is still an very insecure browser. Migrating your users to Firefox or Google chrome will make a significant difference to your security. There are also some add-ons that will increase the security and stop adverts etc.
4: Disable add-ons
5: Deploy a hardware-based firewall
The built-in Windows firewall is simply not enough and is also a real pain on a local network. Relying on the firewall built into your £40 router is also ridiculous and totally insufficient. The risks of someone breaking into your network and you relying on a cheap firewall to protect you is just not going to cut it. Remember that hackers don’t always break into your network to access or steal your data, they break in to control your computers in order to attack a bigger organisation and the attack looks like it has come from YOU!!
If you want real security, you need a dedicated firewall on your network. This firewall will be a single point of entry that will stop many more attempted breaches than the standard software-based firewall will. Besides, the hardware-based fire will be far more flexible and customizable. There are various firewalls on the market, we always use this one for our client base – http://www.anacondafirewall.co.uk/.
6: Use strict password policies
Letting your users control their passwords is asking for trouble. If you do this, you’ll wind up with accounts packages and important data protected with “password”, “1,” or worse — blank. Make sure all passwords require a combination of upper/lowercase, numbers and letters, and special characters. Password policies on a network allow you to enforce a rule that passwords must be changed every 60 or 90 days. Users will find this a real pain but it is important for security.
7: “Everyone” – access to network shares
Never give the Everyone group access to a folder on a network. This means anyone on the network, authenticated or not can have full access to your data. Rather give a group or individuals access to folders so that you know exactly who has access and it is easy to remove their access if they leave the company.
8: Use Linux or MAC
This may be a massive leap for some people but it is easy to use a Linux server to share data on a network. The box itself will be infinitely more secure and easier to maintain. Running Linux on the desktops can work wonders as well. If user’s don’t need access to Microsoft Applications, this could be a viable step forward. Especially in environments like an Internet Cafe. Linux users can access Web mail rather than using full blown outlook.
9: Use network access control
OK, not all of you will understand this so feel free to get in touch for more info but PacketFence is one of the most powerful network access control tools you will find. With this tool, you can manage registration portals, and you have centralized wired and wireless management, powerful guest management options and much more. With this system on your network, you can rest assured that rogue devices will have a much smaller chance of connecting and accessing your critical data.
10: Use content filtering to protect from malware
We are finding this more and more to be a very valuable tool for blocking access to certain websites. Especially ones that stop productivity and ones that are likely to download malware without your users realising it. There are obviously certain phrases, keywords, and URLs that can and should be filtered, based on their history of causing malware. A lot of firewalls and anti-virus products have a certain level of content filtering that you can implement to being with.
Do you have any other ideas?
With the right tools and strategies, your network can be a much safer place for productivity. Comment below if you have some other simple ideas to share with our readers?