Hackers are fast and ‘invisible’, and the damage that they cause cannot be undone. They can search your website in no time and obtain crucial information that may even compromise your integrity. They can steal your customers’ credit card information, destroy your records and destroy your reputation. Therefore, you need to take various measures to keep hackers away from your system. In this article, I share 20 ways to secure an enterprise computer network infrastructure from hacking activities and security breaches.
1. Make Good Use of User Accounts
The users of an account are the weakest link in almost every network security scenario. To ensure that hackers do not exploit this link, users should be educated on computer security. Network administrators should train users on the dos and don’ts, and on how to protect not only themselves but also the network. Therefore, before you secure your network, ensure that your users have the know-how; otherwise, it will all be in vain.
Network administrators should also make sure that all users have unique accounts. Users should also understand that there are hefty penalties for revealing their credentials to other parties. Network administrators should also separate normal users from privileged users. System administrators should use regular accounts in normal circumstances and privileged accounts only when they need to do admin work.
Every hacking activity starts with compromised credentials: simply a username and password. Multi-factor authentication, for instance 2-step authentication in Google accounts, will help to keep hackers away. System administrators should therefore add further levels of authentication such as SMS solutions, tokens and smart cards.
Network administrators should come up with policies regarding security on the network system. These policies should be approved by management and made official in the environment as the ultimate reference in matters of security. For instance, we are all aware that we should not share credentials, but unless we have such a policy, we cannot hold users to account when they share their passwords.
Network administrators should maintain a server list that contains each server’s name, IP address, purpose, date of service and service tag. Each server should also have a responsible party who can investigate any anomalies with it and keep it up to date. This will help in noticing hackers early, before they cause harm, and in keeping them away.
All servers should run antivirus software. They should also report to the central management console. This information should be documented in the server list so that when one suspects an outbreak, the directories can be checked manually. Antivirus software should also be installed in all workstations.
If network administrators use host intrusion prevention, they should ensure that it is well configured to match their standards and reports to the central management console. It should be configured to only permit the required traffic for their network, thereby blocking hackers. Firewalls should be used to protect both servers and workstations.
When a server is ready and everything has been checked, system administrators need to run a full vulnerability scan to make sure that nothing has been missed. The server should also be added to their regularly scheduled scans.
Network administrators should set strong account lockout policies. They should also investigate any accounts that are locked out to make certain that hackers cannot use their remote access method to break into their network.
You should always use the strongest encryption type you can, for instance WPA2 Enterprise. Avoid weak encryption types such as WEP. However, if you have bar code readers or other devices that can only use WEP, you can set up a dedicated SSID for those devices and use a firewall to connect to the central software. This will help keep hackers away.
Network administrators should deploy an email filtering solution that can filter both outbound and inbound messages. One should also deploy anti-spam and anti-phishing software to protect users and customers from email threats such as malware, spam and phishing attacks.
Network administrators should run a scheduled task to disable and report accounts that have not been used to authenticate within a certain period of time. These accounts should later be deleted, as they can be ‘resurrected’ through mistakes or social engineering and give hackers access.
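The scheduled check described above can be sketched as follows. This is an added example, not code from the original article; the CSV column names, the 90-day idle limit and the 60-day wait before deletion are assumptions chosen for illustration, and the sample export is constructed.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample export; the column names are assumptions, not a real directory schema.
SAMPLE_EXPORT = """username,enabled,created,last_logon,disabled_on
alice,true,2022-01-10T09:00:00+00:00,2024-05-28T08:15:00+00:00,
bob,true,2021-06-01T09:00:00+00:00,2023-11-02T17:40:00+00:00,
svc-backup,true,2020-03-15T09:00:00+00:00,,
newhire,true,2024-05-27T09:00:00+00:00,,
carol,false,2019-02-01T09:00:00+00:00,2023-01-20T10:00:00+00:00,2024-01-05T00:00:00+00:00
dave,false,2019-02-01T09:00:00+00:00,2024-02-01T10:00:00+00:00,2024-05-20T00:00:00+00:00
"""

def _ts(value):
    """Parse an ISO 8601 timestamp; an empty field means 'never'."""
    return datetime.fromisoformat(value) if value else None

def review_accounts(export_text, now, max_idle_days=90, delete_after_days=60):
    """Return (to_disable, to_delete) lists of usernames."""
    idle_cutoff = now - timedelta(days=max_idle_days)
    delete_cutoff = now - timedelta(days=delete_after_days)
    to_disable, to_delete = [], []
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["enabled"].lower() == "true":
            # A never-used account is measured from its creation date so that
            # new hires are not disabled before their first logon.
            last_seen = _ts(row["last_logon"]) or _ts(row["created"])
            if last_seen < idle_cutoff:
                to_disable.append(row["username"])
        else:
            # Already disabled: propose deletion only after the waiting period.
            disabled_on = _ts(row["disabled_on"])
            if disabled_on and disabled_on < delete_cutoff:
                to_delete.append(row["username"])
    return to_disable, to_delete

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed "now" for a repeatable run
    disable, delete = review_accounts(SAMPLE_EXPORT, now)
    print("disable and report:", disable)
    print("disabled long enough to delete:", delete)
```

Accounts that have never authenticated, such as the constructed `svc-backup` entry, are easy to miss when a report filters only on the last logon date, which is why the check falls back to the creation date.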
In addition to securing your servers and your workstations, you should also secure your wireless networking system. You should use an SSID that cannot be associated with your company and suppress its broadcast. To ensure that only approved devices can connect to your network, use 802.1X authentication. Wireless traffic should also be encrypted.
Network administrators should set up and maintain an endorsed method for remote access. Remote access should use two-step authentication and there should be no split tunneling.
Establish a guest network for vendors, visiting customers, and the like. You should not allow connectivity from the guest network to the internal network. Authorized users should use the guest network to connect to the internet, and then use the VPN to connect back to the internal network, if need be.
Network administrators should provide users with secure internet access. This can be done by implementing an internet monitoring solution that includes filter lists, bandwidth restrictions, malware scanning and port blocking.
Network administrators should replace the default permissions with new ones that are not too permissive. They should set restrictive permissions even when access is granted only to ‘domain users’. They should not assign permissions to single users; they should assign them to domain users. In addition, “Deny Access” should be avoided, and auditing should be turned on in case sensitive data is suspected.
Some people have so many servers that they cannot check them manually. In such instances, they should use a logging solution that gathers the logs from all servers so that they can be parsed easily when investigating events.
Network administrators should use a central form of time management for all systems including servers, network gear and workstations. This would make correlating logs easier because all timestamps will agree.
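Why agreeing timestamps matter when logs from many servers are gathered in one place is shown in the sketch below. It is an added example, not code from the original article; the host names, log line layout and events are constructed, and it assumes each host writes ISO 8601 timestamps that include a UTC offset.

```python
from datetime import datetime, timezone

# Constructed log lines from three hosts that stamp events with different UTC offsets.
SAMPLE_LOGS = {
    "vpn01": ["2024-06-01T14:02:10+02:00 login ok user=jdoe src=203.0.113.7"],
    "dc01": ["2024-06-01T08:02:45-04:00 privileged group change by jdoe",
             "2024-06-01T08:01:30-04:00 failed logon user=jdoe"],
    "fs01": ["2024-06-01T12:03:20+00:00 bulk read of share finance by jdoe"],
}

def merge_timeline(logs_by_host):
    """Merge all hosts' lines into one list sorted by the true (UTC) event time."""
    events = []
    for host, lines in logs_by_host.items():
        for line in lines:
            stamp, message = line.split(" ", 1)
            when = datetime.fromisoformat(stamp)
            if when.tzinfo is None:
                # Without an offset the event cannot be placed on a shared timeline.
                raise ValueError(f"{host}: timestamp without UTC offset: {stamp}")
            events.append((when.astimezone(timezone.utc), host, message))
    return sorted(events)

def naive_order(logs_by_host):
    """Host order obtained by sorting on the timestamp text as written."""
    pairs = [(line.split(" ", 1)[0], host)
             for host, lines in logs_by_host.items() for line in lines]
    return [host for _, host in sorted(pairs)]

def hosts_in_order(logs_by_host):
    """Host order after normalising every timestamp to UTC."""
    return [host for _, host, _ in merge_timeline(logs_by_host)]

if __name__ == "__main__":
    for when, host, message in merge_timeline(SAMPLE_LOGS):
        print(when.isoformat(), host, message)
    print("as written:", naive_order(SAMPLE_LOGS))
    print("normalised:", hosts_in_order(SAMPLE_LOGS))
```

Sorted as written, the VPN login appears last; normalised to UTC, it falls between the failed logon and the group change on `dc01`, which is the sequence an investigator needs to see.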
When all the above is done, we need to keep it up to date. The firmware should also be kept up to date on patches and security updates. The information presented above will ensure that your network is secure and cannot be compromised. Try the above listed ways and get your security house in order.