- By Spencer Taylor
- Published 03/20/2012
For those who are new to the concept, multiple computers linked together form a network, and network security is about managing their activity and protecting these devices from unauthorised access which could result in misuse of your digital information as well as infiltration of malware viruses. Networks can be either private (limited to employees of a company), or open (accessible to the public).
Every business these days would be lost if their private computer network were to be compromised, so network security is a vital aspect of protecting your commercial assets.
The following guide will give you the key facts relating to network security, so you can better understand how to keep your business protected.
Basics of Network Security
Network security involves one or more administrators who are authorised to access all parts of your computing network. They will issue all users of your computers with a unique ID and password (known as authentication), which will allow them specific access to your company’s digital information and programs.
One-factor authentication is the first line of defence – meaning users of your network will need to supply a password for access. Two-factor authentication entails a user needing an object such as a security token, debit card or dongle to access the network.
Once a user is authenticated, your company firewall will enforce the access of services and information they are entitled to. A firewall is crucial to prevent unauthorised access to a network, but it will not however protect against computer viruses which in their most dangerous forms can steal sensitive company information.
Malware Prevention and Privacy Protection
To guard against malware and to stay abreast of user activities, your network will also need robust and current anti-virus software or an intrusion prevention system (IPS). A further measure to protect communication between users on a private network is to have network encryption to maintain privacy.
LAN and WAN
Short for local area network, a LAN is a private computer network that connects computers in a limited area, such as a home, school, or office building. Wide area networks (WANs) in contrast would span office sites in different geographical locations.
A Virtual Private Network is used to enable people to communicate between a main office and satellite offices using the Internet. VPNs have become highly popular, especially amongst medium sized business, as they provide a secure network that doesn’t require the leasing of a data line. Although the Internet is used, it is private because the link is encrypted.
Also referred to as a perimeter network, a DMZ is a sub network that contains and exposes your company’s external services to an untrusted network, usually the Internet. The aim of this is to add an additional layer of security to your local area network – unauthorised people would then only have access to limited public resources in the DMZ. The name DMZ is derived from the term “demilitarised zone”, meaning an area between nation states in which military action is not permitted.
This term in the IT world entails decoy resources used as surveillance and early-warning tools for suspicious behaviour and exploitations on a network.
Checklist for Security Management on a Business Network
Depending on the size and nature of your company, you will need different levels of network security. Here is a general summary of the measures you would need to take as an SME to safeguard your network and digital information:
· Perform a Security Risk Assessment based on your individual business services.
· Develop an Information Security Policy and ensure all users on your network take it seriously. Employees should also be fully aware of the dangers of accessing certain non-work related websites as well as sending and receiving information online.
· Design a secure network, including implementing packet filtering in your company’s router, a firewall and a DMZ network for servers requiring Internet access.
· Use robust anti-virus software, both at the gateway and on each desktop.
· Only use Operating Systems that have adequate security capabilities (as most company’s use Windows, this is usually taken care of).
· Maintain your network, such as streamlining your systems by removing unnecessary applications and ensuring your security patches are always current.
· Be stringent about applying strong authentication to each user. For example, passwords should have upper and lower case letters as well as numbers, and they should ideally be changed at least every two months.
· Develop a computer incident response plan to keep track of suspicious activities and pro-actively deploy security solutions for them.
With malware and hacking constantly on the rise, keeping your company’s private network as secure as possible is crucial – not optional – if you want to keep your corporate information from falling into the wrong hands. Unless you’re an IT wizard yourself, it’s highly advisable to either permanently employ an experienced IT manager or hire a reputable company (I often recommend 365IT to clients as they’re efficient and affordable) to do the job for you. Bearing in mind the damage that can occur if your business network were compromised, robust and reliable security expertise is worth every penny.
About the Author: Spencer Taylor is an IT consultant.