In a recent blog post, we discussed the rise in popularity of mobile computing and made reference to the concept of Bring your own Device – the practice whereby employees are increasingly bringing their own mobile technology into the workplace and using it to carry out aspects of their job. This includes smart phones, tablets and laptops to some extent too.
Whilst there are potentially (and only initially) monetary cost savings, the risks to the business in the end often outweigh the advantages. The primary concern is generally data safety and compromises to the network.
This got us thinking about what ways are businesses networks at risk and what simple things can you do to secure your network from unwanted intruders? We have created the following checklist, with tips included on how to help you protect yourselves and your business.
Undertake regular threat analysis
You may ask yourself, why would hackers want access to your network and through that, your data? It’s a question many businesses ask yet never truly answer properly. However, the answer may be more obvious than many people realise. Your data is not only valuable because of the information it says
about you, but because of the information you possess about key clients or staff. It may be you have credit card details, or you have addresses or purchase history for a client. All of this is valuable to some hackers looking to build a profile of someone else.
Experts recommend that every 3-4 months you re-evaluate your business and make sure that everything in the business is protected and that points of vulnerability are locked down.
Have you implemented automated tools that scan and report on attempted attacks? You don’t know what you don’t know!
Keep software up to date
You may have heard the term “Zero Day Vulnerability” but have no idea what it refers to. Basically, it is developer speak for vulnerabilities (or holes) which become existent within a specific program due to upgrades in other programs. It is because of these holes that software companies issue software ‘patches’. Without these patches, it is these little holes which allow hackers the window of opportunity they need to get into your system.
It is strongly recommended that as and when updates become available, you update your programs. Whilst it may seem time consuming, if you schedule updates after hours, the impact on your business is potentially negligible; the impact if you lose data or get hacked, may not be.
Secure your printer IP
Whilst printing is generally on the decline in many organizations, the fact remains; network printers can be both a godsend and a devil in disguise. The reason is simple. Network printers require a large memory in order to store and queue jobs. Whether it is financial reports or emails, printer memories often have treasure within them.
Because of this and because printers have their own IP address, if you have not taken steps to secure your printer IP, this presents hackers with a back door through which they can come into your business. The solution is simple, consult your printer manual and learn how to secure the IP now.
In June this year LinkedIn was hacked and a huge number of passwords were dumped onto the internet. Analysis by independent researchers found that sadly, too many people still use simple passwords for their accounts. Passwords such as 1234, work, angel and 654321 were common passwords used by people to secure their account. It probably goes without saying that these are far from strong. Our recommendation is that you encourage good password practice by forcing employees to change their passwords to key system data at least 4 times a year. Not only does this make it harder for hackers to get into the system, but it also means there is less likelihood that your employees will use passwords they use elsewhere, which puts you at risk if they fall foul of a hacker or phisher.
Whilst the above list is far from exhaustive, it hopefully provides you with a starting point from which you can build a more robust network infrastructure. Moving key data to the cloud through reputable providers such as Harbour IT will help mitigate some of the problems, however, common sense and vigilance will also go a long way to protecting your business data.