A Guideline for Businesses to Protect and Secure Your Network Assets

  • Apply all security patches to software.
  • Lock down or harden your Internet Firewall’s rulebase.
  • Harden Internal and External Systems by disabling or removing unnecessary services.
  • Perform annual security audits on your network.
  • Audit user access. Follow the practice of “least privilege.”
  • Protect your mail server with a spam and virus filter.
  • Filter internet access to keep good employees from doing bad things.
  • Install a Unified Threat Management (UTM) device to provide multiple layers of security within a single device.

Executive Summary

All businesses face many challenges when managing and securing their technology investment. From our experience in helping businesses in a wide variety of industries, TBJ Consulting has developed a short list of best practices to help businesses better secure their technology investment in a cost-effective manner. TBJ Consulting firmly believes that utilizing best practices can help reduce the complexities commonly found in technology solutions, leading to a better and more reliable end-user experience. A summary of the recommendations follows.

1. Apply all Security patches to software

Every business should keep up to date with the latest operating system patches, firewall updates, and anti-virus definitions. These help fix security vulnerabilities which otherwise leave your business exposed to malicious hackers.

Consider purchasing a patch management system or use the free patch management system provided by Microsoft (WSUS). Patch computers at least quarterly, although monthly is recommended. If you are not utilizing a patch management system, consider placing individual computers on Microsoft automatic updates. This will ensure that you get the latest security patches as they are released.

Subscribe to a security vulnerability newsletter. The SANS organization has a great list that will keep you informed of the latest security vulnerabilities and patches. http://www.sans.org/newsletters/?ref=1701

2. Lock down or harden your Firewall’s security policy

A majority of businesses put their firewall into service, lock down only incoming services, and forget about it.

Audit and review your existing security policy. Perform this audit quarterly. Have a third party review the rulebase annually to ensure that best security practices are followed. Remove dead or defunct rules.

Restrict outbound network access. A majority of spyware and malware “phone home” to their creators’ websites utilizing unique ports. Internal users could also be utilizing your network for non-business related activities such as computer gaming or file sharing. A locked down firewall policy will prevent this.
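The quarterly rulebase review described above can be partly automated. The following is an added example, not TBJ Consulting's own tooling: it flags allow rules with no hits (dead rules) and outbound allow rules open on any port. The CSV export format, field names and sample rules are hypothetical and constructed for illustration.

```python
# Added example: audit a firewall rulebase export for dead rules and
# unrestricted outbound access. The export format (name, direction, src,
# dst, port, action, hits) is hypothetical; the sample rules are constructed.
import csv
import io

SAMPLE_RULEBASE = """name,direction,src,dst,port,action,hits
allow-web-in,inbound,any,10.0.0.10,443,allow,18234
old-ftp-server,inbound,any,10.0.0.25,21,allow,0
lan-to-internet,outbound,10.0.0.0/24,any,any,allow,992110
mail-relay-out,outbound,10.0.0.20,any,25,allow,4410
proxy-web-out,outbound,10.0.0.30,any,443,allow,120577
default-deny,any,any,any,any,deny,3301
"""


def load_rules(text):
    """Parse the CSV export into a list of dicts with integer hit counts."""
    rules = list(csv.DictReader(io.StringIO(text)))
    for rule in rules:
        rule["hits"] = int(rule["hits"])
    return rules


def audit_rulebase(rules):
    """Return findings as (rule name, issue) tuples, in rulebase order."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue  # only allow rules widen exposure
        # Dead rule: matched no traffic during the review period.
        if rule["hits"] == 0:
            findings.append((rule["name"], "dead rule: no hits, review for removal"))
        # Open egress: any port allowed outbound, so software phoning home
        # on an unusual port is not blocked.
        if rule["direction"] == "outbound" and rule["port"] == "any":
            findings.append((rule["name"], "outbound allowed on any port: restrict to required ports"))
    return findings


if __name__ == "__main__":
    for name, issue in audit_rulebase(load_rules(SAMPLE_RULEBASE)):
        print(f"{name}: {issue}")
```

Hit counters are only meaningful if they cover the whole review period, so note when they were last reset before treating a zero-hit rule as dead.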

3. Harden Internal and External Systems by disabling or removing unnecessary services

Most operating systems and applications are feature-rich and therefore have numerous services and functionality enabled by default. Many of these services are unnecessary and can leave a system vulnerable while using valuable system resources.

Before a system is placed into production, harden it using a system-hardening policy which meets your company’s needs. If you do not have a system-hardening policy, contact TBJ Consulting for assistance.

4. Perform annual security audits on your network.

A security audit will give you a detailed report showing where your network security’s strengths and weaknesses lie. It can help you find security problems you never thought existed, as well as rogue machines and processes. It can also validate that your onsite network security expert or consultant is doing their job.

This service should be performed by an outside service at least annually. These audits can help you establish a security road-map and a possible security budget to help fix uncovered weaknesses.

5. Audit user access. Follow the practice of “least privilege.”

Internal users should have their access audited at least once a quarter. This will allow you to ensure they have access only to the systems and data that they need to do their job.

Some employees change job functions and roles frequently. An audit will ensure that they don’t have access to more than they need. A rogue system administrator could also be accessing data he is not supposed to see. Ensure that even system administrators only have access to the data that they need to do their jobs. Consider enabling auditing on your systems and review the logs once a quarter.

6. Protect your mail server with a spam and email virus filter.

According to industry experts, 80-90% of all email is spam or virus related. This can place an unnecessary load on your servers and users which can be prevented. Most businesses also let any attachment into the email system. Many attachment types are not necessary and can bring viruses, spyware, or malware with them. Another attack which comes from email is phishing. (Phishing is where someone is trying to get you to reveal some personal information such as a social security number or a credit card number.)

A good strategy is to install a good spam and virus filter. If you keep your definitions and rules up to date, it will significantly reduce the amount of email your server has to process and free your users from time-wasting and potentially offensive email content.

7. Filter internet access and keep good employees from doing bad things.

While the Internet is a great tool for businesses, it is also a great tool for criminals. Employees can be tricked into accessing dangerous websites by an email scam known as phishing. The criminal attempts to obtain information such as social security numbers and financial information by imitating a valid web site and asking users to enter that data.

Employees can also access websites that download programs to computers without the employee realizing it. These programs can be used to steal passwords or to capture users’ web surfing habits for marketing purposes. They can also display pop-ups that are often offensive in nature.

Putting Internet filtering in place will help prevent employees from accessing these malicious websites. Most employees don’t realize that they have done anything wrong until it is too late. An Internet filter is cheap insurance and helps keep good employees from doing bad things.

8. Install a Unified Threat Management (UTM) device to provide multiple layers of security within a single device

Unified Threat Management allows businesses to accomplish defense in depth using only one device. Most businesses have firewalls deployed and allow only a small number of ports and services inbound to the network. The danger is what lies inside those inbound packets. A traditional firewall only checks whether the port is allowed or denied. A UTM firewall will also check the traffic against a virus scanner, an intrusion prevention system, and a web filter to ensure that it is legitimate, giving you multiple layers of protection.

A UTM device can also simplify your network security posture by allowing you to manage only one or two devices to protect the business. Most UTM solutions combine 4 or 5 products that are traditionally stand-alone. This provides you with simplified security management and reduced costs.

Contact TBJ Consulting for more information about how to improve network security at 262-373-9070 or help@tbjconsulting.com.