Many businesses out there face challenges when it comes to security due to the complexity in trying to understand and protect their information infrastructure. Having a firewall as your perimeter defense and some form of anti-virus on your desktop isn’t enough these days due to the level of sophistication and creativity coming from internal and external threat factors. Almost on a daily basis we hear of some major data breach or compromise in identifiable information or someone’s system getting hacked or more commonly individuals falling for malicious ransomware or website phishing attacks.
Today’s reality in a world connected through technology and Internet is that there is no complete security strategy that is absolute, it’s about managing security risks to reduce catastrophic impact on your organization. What strategy makes sense then? We’ve heard playing defense is critical but what does this entail and what layers of your infrastructure require what type of attention? It’s called the “Defense-in-Depth” strategy and involves five key areas: physical, network, computer, application and device.
- Physical Security – this seems to be the most obvious one but many times it’s the one taken most for granted. Secured racks, locks and surveillance cameras are a few ways to physically protect your assets. Whether internal or external, checking to see who has physical “touch-ability” on your network is important as physical access ultimately leads to information access.
- Network Security – A number of our NetDetect Security Assessments has shown open vulnerabilities and misconfigured devices for many clients who thought they were as secured as they could get. It’s important that networks are protected with firewalls, intrusion detection & prevention systems (IDS/IPS), and switches and routers configured with their security features. Encryption-less open wireless access points and convenient bandage workgroup switches are all ways for unauthorized users to gain access to the rest of your network. Trust domains across zones and LAN/vLAN configurations can help manage network traffic as well in a more controllable and visible manner.
- Computer Protection –software vulnerabilities are the number one way intruders gain access to systems. Applying layers of protection and tools at the client piece of your infrastructure should be a key focus in rolling out a “Defense-in-Depth” strategy. Here are some key layers to consider:
- Antivirus software which includes total protection (Malware, AV, Trojans, Ransomware, etc.)
- Host intrusion-detection systems (HIDS) and other endpoint security solutions
- Removal of unused applications and services
- Closing unnecessary ports (USB, etc.)
- Application Security –This entails good security practices, such as a Role Based Access Control, which locks down access to critical processes and functions, forces username/password logins to certain application areas, secured password combinations, etc.
- Device Protection–From mobile devices, tablets to LAN based appliances it’s important to remember that a chain is only as strong as its weakest link. The out of box default settings should be looked and changed to further secure your resources. From encryption to mobile device management, anything that houses your business data needs to be protected. Being in position to brick lost/stolen devices and setting up protection protocols to block intrusions are all steps in strengthening your protection chain.
Having a good security design practice and by applying the right solutions and services, security risks can be significantly reduced. Protecting your IP (Intellectual Property), valuable assets and operational integrity are three keys factors in a sustainable business. Our goal at PC Professional is to deliver sustainable business solutions so you can stay focused on your core business offerings. Through delivery of our NetDetect offering we have enhanced visibility to your business units outside of just your helpdesk needs. Contact us today to see how strong your defense playbook is today and if it can withstand the threats of time.