
Limit access to those who need it
In SMBs, employees are often given full privileges and access to
the network or devices that they do not need to do their job. This
is simply asking for trouble: whilst it is likely that your
employees are honest, trustworthy people, as the IT administrator
responsible for network security, this remains a risk that you
cannot take, just in case.
Control the use of portable devices
Endpoint security is another issue based on too much trust.
Insider threats can be the most harmful and the least likely to be
protected against. Network activity should be monitored and the use
of portable devices such as iPods and USB sticks forbidden as it is
too easy for a disgruntled employee to steal confidential data
undetected.
Limit Internet browsing
End users often fail to appreciate the threats that they are
exposed to on the Internet, so limit their browsing capabilities so
as not to allow threats to infiltrate the network. The problems
often lie with social networking sites whereby malicious links can
be sent from a 'friend's' hacked account.
Carry out regular audits on the network
Regular audits may be very tedious and time-consuming, but when
it comes to network security, this is definitely a step that should
not be skipped. Regular audits let you know what materials are
available on the network, whilst log analysis allows you to better
understand the way that resources are being used and how to improve
their management.
Ensure that systems are secure before connecting them to the
Internet
Before any computer is connected to an Ethernet cable or
telephone line, anti-virus and anti-spam software must be
installed, as well as a program that blocks malicious software
installations, and then kept fully updated. Operating systems are
prone to security holes and once a flaw is detected, it is usually
exploited quickly. Up-to-date security scanners ensure that the
latest malicious software is detected immediately, so that the
appropriate patches can be downloaded.
Eliminate default accounts/passwords
It may seem basic, but leaving the default account name and
password on test systems, as is commonly done, lets hackers
infiltrate the network very easily. Names and passwords should be
changed immediately upon connection to the network to avoid hacking.
Always authenticate callers
Authenticating callers might seem like a redundant process for
administrators when they can recognise the voice of the caller.
However, giving out password changes or other confidential
information over the phone without following an authentication
process could lead to security problems that often cannot be traced
back to their point of origin.
Test your disaster recovery plan
Your disaster recovery plan is probably a work of art, but how
does it work in practice? Have you actually simulated a disaster
situation where your backups need to be used in order to get your
systems back up and ensure loss of revenue is kept to a minimum?
Planning such a simulation to ensure that the organization can get
back on its feet should an emergency occur is a critical step in
security. A disaster recovery plan that fails when put into
practice is just another disaster!
Don't go it alone
If you work in an SMB then it's likely that you are the entire
IT department and whilst you are likely to be perfectly capable of
managing, there's no shame in asking for help with the bigger
tasks. Setting up the network on your own is a gargantuan task and
outside help should be sought if you don't have the experience.
Although it may be costly, at least the job is done right the first
time round.
David Kelleher is a communications and research analyst at GFI
Software. GFI Software is exhibiting at Infosecurity Europe 2009
on 28-30 April 2009 at Earls Court, London.