Are you concerned that your current security infrastructure may not accurately detect today’s sophisticated attacks? Do you know how applications are being used on your network? How does your enterprise security stack up against similar organizations? If these are the types of questions you are asking, then it is time to evaluate your network security.
Throughout this article, I will cover the fundamentals of keeping your corporate network secure. I will also provide the opportunity to receive a free Cyber Threat Assessment Report to help you gather details about your specific network.
What is Network Security?
From nefarious cyber criminals to insider attacks performed by your staff, many factors can bring down your network and compromise confidential data. Understanding and upholding the fundamentals of network security is critical. Network security is the practice of preventing and protecting against unauthorized intrusion into your corporate networks.
The venerable SANS Institute expands on the definition of network security:
“Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.”
Network security is made up of many different pieces. Relying on a single line of defense is dangerous, because any single defensive tool can be defeated by a persistent attacker. If a cybercriminal has invaded part of your network, a properly organized defense gives your organization the resources to expel them.
Some pieces of the network security puzzle include proper protection, detection, and action. For proper protection, your organization must configure the network as correctly as possible. From there, stay on constant alert to identify when the configuration has changed or there is an indication of a problem. Finally, take action to rectify the problem quickly and return to a safe state.
Without action, the cost of lost or stolen data could easily put a company out of business. Ponemon reports that the biggest hit to a company’s profit will come in the form of enforced employee idleness as wrecked networks and dysfunctional computers provide no means to do work.
Ponemon pegs the average cost of a single attack at $5 million, with $1.25 million—a quarter of the total—attributable to system downtime, and another $1.5 million (30 percent) to IT and end user productivity loss.
Common Network Security Threats
Now that most of our daily activities occur online, so do many of our daily threats. Here are the most common network security threats that your organization may encounter:
- Malicious programs like viruses, worms, Trojan horses, spyware, malware, adware and botnets
- Zero-day and zero-hour attacks
- Hacker attacks
- Denial of Service (DoS) and Distributed Denial of Service Attacks (DDoS)
- Data theft.
Different attacks have different end goals. Some of these threats look to exploit unsecure wireless networks, weak passwords, unsecure websites, and unpatched software and hardware.
IBM sponsored the 13th annual Cost of a Data Breach study independently conducted by Ponemon Institute. This year’s study reports the global average cost of a data breach is up 6.4 percent over the previous year to $3.86 million. The average cost for each lost or stolen record containing sensitive and confidential information also increased by 4.8 percent year over year to $148.
Network Security Defenses
Network security is an integration of multiple layers of defenses in the network. While there are many different types of network protections, common ones include:
- Firewalls
- Virtual Private Network (VPN)
- Data Loss Prevention (DLP)
- Network Segmentation
- Antivirus Software
Firewalls: Firewalls put up a barrier between your trusted internal network and untrusted outside networks, such as the Internet. They use a set of defined rules to allow or block traffic. A firewall can be hardware, software, or both. Some solutions offer unified threat management (UTM) devices and threat-focused next-generation firewalls.
Virtual Private Network (VPN): A virtual private network encrypts the connection from an endpoint to a network, often over the Internet. Typically, a remote-access VPN uses IPsec or Secure Sockets Layer to authenticate the communication between device and network.
Data Loss Prevention (DLP): Organizations must make sure that their staff does not send sensitive information outside the network. Data loss prevention, or DLP, technologies can stop people from uploading, forwarding, or even printing critical information in an unsafe manner.
Network Segmentation: Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier. Ideally, the classifications are based on endpoint identity, not mere IP addresses. You can assign access rights based on role, location, and more so that the right level of access is given to the right people and suspicious devices are contained and remediated.
Antivirus Software: “Malware,” short for “malicious software,” includes viruses, worms, Trojans, ransomware, and spyware. Sometimes malware will infect a network but lie dormant for days or even weeks. The best antimalware programs not only scan for malware upon entry, but also continuously track files afterward to find anomalies, remove malware, and fix damage.
Here are some fundamentals of network security to prevent or stop these attacks from spreading if they slip past your defenses.
Fundamentals of Network Security
These 5 fundamentals of network security should be incorporated into your company’s policies and procedures. Not only will they improve security and compliance with industry regulations, but they will also help prevent downtime and loss of productivity and reduce liability.
1. Take Advantage of the Fortinet Cyber Threat Assessment Program
Validate your network’s current security effectiveness, application usage, and performance by enlisting expert guidance. A Fortinet expert will use a FortiGate to monitor key indicators within your network. After several days of gathering information, you will receive a Cyber Threat Assessment Report which is divided into three primary sections:
- Security and Threat Prevention: which application vulnerabilities are being used to attack your network, which malware/botnets were detected, and which devices are “at risk”—for firewall assessment and security breach probability
- User Productivity: which peer-to-peer, social media, instant messaging, and other apps are running for application visibility control
- Network Utilization and Performance: what your throughput, session, and bandwidth usage requirements are during peak hours, plus network utilization and monitoring tests for performance optimization
This program requires minimal time for maximum network security insight. Once enrolled, the program takes less than 7 days of monitoring. During the program, detection and monitoring do not cause any interruption to your current infrastructure. When the program is complete, you will receive a comprehensive Cyber Threat Assessment Report that details your security, productivity, and performance. All of this is provided free of charge to your company.
2. Clean Up Inactive Accounts
Inactive accounts may appear harmless, but many times they can act as a vulnerability that cyber criminals can use to exploit company data. Hackers use inactive accounts once assigned to contractors and former employees to gain access and disguise their activity.
It is best practice to remove employee accounts immediately after a team member has left the company. The HP/Ponemon Institute report found that the companies in the survey that were doing a good job of deleting accounts once an employee quit or was laid off were at less risk of a data breach.
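One way to run the clean-up described above is to reconcile a directory export against the HR roster. This is an added example, not code from the article; the account records, roster, audit date and 90-day idle threshold are constructed assumptions.

```python
from datetime import date

# Constructed sample data: a directory export and an HR roster (not from the article).
ACCOUNTS = [
    {"user": "asmith",  "last_login": date(2024, 5, 28), "enabled": True},
    {"user": "bjones",  "last_login": date(2024, 5, 30), "enabled": True},
    {"user": "ctr-lee", "last_login": date(2024, 1, 12), "enabled": True},
    {"user": "dpatel",  "last_login": None,              "enabled": True},
    {"user": "egarcia", "last_login": date(2023, 11, 2), "enabled": False},
    {"user": "svc-old", "last_login": date(2024, 5, 1),  "enabled": True},
]
# user -> departure date; None means still employed or under contract.
HR_ROSTER = {"asmith": None, "bjones": date(2024, 5, 15), "ctr-lee": None,
             "dpatel": None, "egarcia": date(2023, 11, 3)}
TODAY = date(2024, 6, 1)  # constructed audit date so the result is reproducible

def audit_accounts(accounts, roster, today, max_idle_days=90):
    """Return (user, reason) for every enabled account that should be reviewed."""
    findings = []
    for acct in accounts:
        user, last = acct["user"], acct["last_login"]
        if not acct["enabled"]:
            continue  # already disabled
        if user not in roster:
            findings.append((user, "no owner in HR roster"))
        elif roster[user] is not None and roster[user] <= today:
            # Owner has left: the account should already be gone.
            reason = f"owner left {roster[user]}"
            if last is not None and last > roster[user]:
                reason += f", used after departure on {last}"
            findings.append((user, reason))
        elif last is None:
            findings.append((user, "enabled but never used"))
        elif (today - last).days > max_idle_days:
            findings.append((user, f"idle {(today - last).days} days"))
    return findings

if __name__ == "__main__":
    for user, reason in audit_accounts(ACCOUNTS, HR_ROSTER, TODAY):
        print(f"{user:8} {reason}")
```

A login recorded after the owner's departure date is the finding to escalate first, since it means the account was used by someone other than an active employee.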
3. Password Protection
Weak passwords can be the easiest way to breach security. By now, most of us know not to share passwords or write them down and leave them out in the open. Unfortunately, there is more to password security than keeping them out of plain sight.
Weak passwords include number sequences such as “12345” or easily identifiable information such as birthdays, family names, and phone numbers. A password should be misleading.
So, what makes a good password? Phrases that use several words or long acronyms that are easy to remember but difficult to guess make a good password. Some common best practices for passwords include:
- 8 characters or more
- The use of upper and lowercase letters
- The use of numbers, punctuation marks, and symbols
- Changing passwords regularly and to something different from previous passwords. As a network administrator, you can require this for employees. Everyone should do this on their home network, especially if you are able to work from home.
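The rules above can be enforced when a password is set. The checker below is an added example, not code from the article; the sample personal details are constructed, and the four-character sequence window and the reading of "numbers, punctuation marks, and symbols" as at least one digit plus at least one symbol are assumptions.

```python
import hashlib, hmac, os, re, string

def hash_password(pw, salt, rounds=100_000):
    # Keep only salted PBKDF2 digests of old passwords, never the passwords.
    return hashlib.pbkdf2_hmac("sha256", pw.encode("utf-8"), salt, rounds)

def remember(pw):
    """Build one password-history entry: (salt, digest)."""
    salt = os.urandom(16)
    return salt, hash_password(pw, salt)

def has_sequence(pw, run=4):
    """True if pw has `run` consecutive ascending or descending characters (1234, dcba)."""
    low = pw.lower()
    for i in range(len(low) - run + 1):
        window = low[i:i + run]
        steps = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if window.isalnum() and steps in ({1}, {-1}):
            return True
    return False

def check_password(pw, personal=(), history=()):
    """Return the rules from the list above that pw breaks (empty list = acceptable)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs upper and lowercase letters")
    if not any(c.isdigit() for c in pw):
        problems.append("needs a number")
    if not any(c in string.punctuation for c in pw):
        problems.append("needs punctuation or a symbol")
    if has_sequence(pw):
        problems.append("contains a character sequence")
    # Compare with separators stripped so "1987-03-14" also matches "19870314".
    flat = re.sub(r"[^a-z0-9]", "", pw.lower())
    tokens = (re.sub(r"[^a-z0-9]", "", t.lower()) for t in personal)
    if any(len(t) >= 3 and t in flat for t in tokens):
        problems.append("contains personal information")
    if any(hmac.compare_digest(hash_password(pw, s), d) for s, d in history):
        problems.append("reuses a previous password")
    return problems

# Constructed sample input: a user's name, birthday and phone number.
PERSONAL = ("Morgan", "1987-03-14", "515-555-0100")
if __name__ == "__main__":
    old = [remember("Tr4il-mix&Kayak!")]
    for candidate in ("12345", "Morgan1987!x", "Tr4il-mix&Kayak!", "Quiet7-Harbor=Lamp"):
        print(candidate, "->", check_password(candidate, PERSONAL, old) or "ok")
```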
4. Multi-Factor Authentication
Multi-factor authentication is a method of confirming a user’s claimed identity and helps prevent an unsecure source from pretending to be a valid user. This type of authentication adds a level of security beyond a user name and password alone.
According to Verizon’s Data Breach Investigations Report, 95 percent of security incidents involved stealing credentials from customer devices and using them in web applications.
PCI DSS Requirement 8.2 requires that at least two of the three authentication methods below are in place:
- Something you know: This could be a password or phrase, a PIN, or answers to security questions. The user must be able to correctly verify this information.
- Something you have: These are physical possessions such as a token device, smart card, key fob or smartphone.
- Something you are: This method involves verification of characteristics that are unique to the individual. Examples include fingerprints, retina scans, facial recognition, voice recognition, etc.
By implementing multi-factor authentication, you are providing a higher degree of assurance of an identity. The PCI Security Council released an information supplement on multi-factor authentication to educate organizations on how to best implement these guidelines.
Some multi-factor authentication best practices include:
- Implement everywhere: You must consider all access points.
- Test and monitor frequently: Your MFA policy should be current and tested for vulnerabilities regularly. Engaging IT or a third-party to test this will lower the risk for a breach.
- You should prioritize user experience.
5. Actively Manage User Access Privileges
More than half of 5,500 companies recently surveyed by HP and the Ponemon Institute said that their employees had access to “sensitive, confidential data outside the scope of their job requirements.”
Managing your staff’s access to critical data on an ongoing basis is critical to network security. When an employee’s job changes, the IT department must be notified immediately. From there, they can adjust access privileges accordingly.
Make sure that the access rights to network folders are applied on a strict need-only basis. This will cut down on the number of internal team members having access to information that would make them an internal threat.
According to the Crowd Research Partners Annual Insider Threat Report, the top three risk factors enabling the insider threat vulnerability include excessive access privileges (37 percent), endpoint access (36 percent), and information technology complexity (35 percent).
Get Accurate Network Security Detection Today
Security and compliance not only protect businesses from excessive regulatory fines, they also protect their critical data from threats and breaches. Fortinet’s high-performance network security platform has solutions for the core, the edge, and access. The network operating system is flexible enough for deployments of all sizes and environments, from carriers to small businesses.
Use LightEdge’s and Fortinet’s network security fundamentals to protect, monitor and act against threats. Start today by beginning your free Fortinet Cyber Threat Assessment Program and receive a report on your security and threat prevention, user productivity, and network utilization and performance.
In addition to Fortinet’s network security assessment, LightEdge offers secure data center colocation solutions at our Des Moines, Kansas City, Omaha, Austin, and Raleigh data center facilities. As a top-tier colocation services provider, we provide a high level of availability and reliability through secure, certified data centers and dedicated staff onsite.
LightEdge also offers a free risk assessment from our Chief Security Officer and Chief Compliance Officer as a free resource to all of our clients. LightEdge’s highly-trained compliance and security experts take the guesswork out of keeping your business protected. Compliance and security are top priorities to guarantee that your data is protected. LightEdge is compliant with:
If you are interested in getting enrolled in the Cyber Threat Assessment Program, or touring any of our 7 world-class data centers, contact us here. We have network security experts standing by to answer your questions or to help you begin Fortinet’s free Cyber Threat Assessment Program.
With 14 years in the field, Joe Crispin has experience in various IT roles and has acted as a resource for customers through the entire sales process. With a Bachelor’s in Management Information Systems and a Master’s in Business Analytics, Joe uses his extensive knowledge base to help organizations of all sizes with cloud hosting, colocation and business continuity solutions.