With malware and hacks becoming larger threats, businesses must stay hyper-vigilant about network security. Data breaches and other network security threats hit the headlines with an increasing degree of regularity. No business is immune. But you can help protect your data and the information of your clients and customers with a fresh start and a renewed commitment to policy and best practices.
Here are 5 steps that you can take today:
#1: Develop or Update Your Network Security Policy and Stay Vigilant
How do you treat your network security policy? It is handed out to new employees but rarely discussed again? When was the last time you evaluated your network security policy and implemented revisions or updates to address current threats?
The security of your system and your company depend on a proactive policy, awareness and whether or not it’s relatable. Cimcor recommends a policy evaluation and possible overhaul if your policy isn’t regularly reviewed. Take tidbits from the policy and relate them to real world threats so employees can connect the dots between their actions and the current risks.
#2: Keep Software Updates on Track
Malware and other security risks keep evolving and software companies keep developing security patches to help combat the threats. When software is outmoded entirely, it’s time to move on to another version or something altogether new and better.
Software updates can be frustrating, especially for legacy or proprietary software. But they’re necessary to protect company interests and assets. The most common reasons companies resist updates, says Ekran, is the time involved with training, workflow interruptions and expense. But hackers, malware and viruses are always on the job.
#3: Start New Users with Low Privileges and Work Up Incrementally
Threats begin on the inside. A disgruntled employee might not initiate a threat, but the actions of a careless or untrained employee could open a gateway that lets a threat pass through. One of the best ways to keep control, says Ekron, is the “principle of least privilege.”
New users from the top down should begin with the lowest level of privileges and work up from that baseline as needed. As permissions are no longer needed, they should be revoked. Also, don’t assume that users who need higher privileges present a lower risk. Keep track of users with the most privileges, recommends Cimcor, and ensure logs can’t be altered by anyone, no matter how high their level of privilege.
#4: Keep Employees Involved and Aware with Regular Training
Training takes time out of an already busy schedule. Without it, your company could be at risk. Ekran reminds that the best security policies can’t help if employees aren’t informed or if the company has a relaxed stance on enforcement. If employees mistakenly believe security measures, such as logging out when they walk away from their desk, hurt productivity, there’s an opportunity for infiltration.
Regular training reminds employees why your policies are important. Additionally, training could reel in employees who think “just this once” is a manageable risk. When the whole company is held to the same standard, it’s easier to bring on stray employee back onto the right path.
#5: Take Password Management Seriously
Password security is another pain point, but a necessary component in a comprehensive security plan. Passwords should be unique, hard to duplicate but easy to remember. Here’s what Ekran suggests:
- Use a long password phrase instead of a random set of characters.
- Make every password unique instead of employing the same one for access to email and other programs.
- Prohibit password sharing no matter who the users are.
Passwords should regularly be changed. And try to avoid passwords that are too similar. While “ILikeIceCream” and “ILikeIceCream1” or versions thereof are different, they’re similar and easy for a third party to figure out.
Network security management isn't just a concern for major corporations. A breach that threatens companies such as Target and their customers might make headlines. But a breach in a small company could cause lasting damage, including reputation harm, that's more difficult to recover from.
If you don’t have the time or resources to take on a sophisticated security program, a professional services partner can provide what you need. From software upgrades to employee training and monitoring, it’s a scalable solution that keeps you and your customers safer. Contact us today and learn how GDH Professional Services can help protect your business.