Network Security Solutions for Business

Antivirus Software

Now more than ever, antivirus software is a critical part of any business network. Top antivirus companies work hard to identify new viruses as quickly as possible and keep their software up-to-date. Since some antivirus programs are superior to others, it’s important to select an antivirus program with a good reputation and avoid freebies at all cost.

Ideally, you should have two levels of antivirus protection.

First, install software on your email server or incoming mail router to catch email viruses sent to the company.

Next, each PC should have its own antivirus installed to catch malware that might slip through the first level of protection. (This also guards against viruses on USB sticks and external hard drives.)

If you allow mobile devices on your network, they too must have antivirus software in place. Regardless of what antivirus software you use, ALWAYS ensure it is up-to-date.

Firewalls

A business network would not be complete without a firewall. It may be included in your antivirus software or the firewall might be separate.

Firewalls prevent hackers and anyone who isn’t authorized from signing onto your network. They are configured to allow certain types of internet traffic while excluding others.

Often, firewall configuration is quite complex and it’s a good idea to have your settings checked by an IT specialist.

A firewall should exist at every access point to your network, including all personal computers. When a file is sent through the internet, it’s automatically broken up into small pieces called packets. Each packet has an identification number. The packet records where it is from and where it is going.

With this information, a special function known as a packet filter can prevent the receipt or transmission of data from unknown or insecure IP addresses.

Update and/or Remove Old Software

Computer operating systems are complicated, and hackers continuously find new ways to break through their security systems. This is why big software companies like Microsoft and Apple regularly release important security updates. When an update is released, it’s best practice to install these software updates as soon as possible to reduce the risk of a cyber-attack.

For this reason (and many others), businesses should move away from older operating systems like Windows XP, due to their many vulnerabilities and lack of support. Additionally, it’s important to remove old software no longer in use, since hackers can more easily hack into unsupported software.

Use a Secure Network for Internet Access

Most businesses use an internal local area network (LAN) to connect users to their main servers. If users have unlimited internet access, the entire system is open to an attack. One way to prevent this is to have a separate secure network specifically for servers and services that access the internet. This is known as a DMZ network.

A DMZ network allows different rules to be applied for internet traffic and as a result, protects the less secure internal LAN from attack.

Network security can be strengthened by adopting something called “the principle of least privilege”. This means access to different systems is only granted to those who need access, based on their IP address or sign in.

Verifying the Reputation of Files

A hacker will often modify a file or commonly used piece of software in order to hack into a company’s network. One way of detecting such efforts is to look at the file’s checksum – a long digital number automatically generated from the contents of the file.

Each distinct file has its own checksum that is used to ensure the file hasn’t become corrupted while being sent from one computer to another. If the file has been hacked, its checksum changes, making it easy to identify that something is wrong.

In practice, the checksum of commonly used software files is verified and allowed into the system. Similarly, known malware is identified by its unique checksum – and excluded. Any files with unknown or suspicious checksums can be isolated for verification and removed to prevent them from entering the business network.

There are several important areas of network security to cover:

• Email – One common way hackers enter a company network is through email. The way it works is simple. A hacker sends an email with a malicious code attached, disguising it as a valid email attachment.Once the attachment is opened, it loads malicious code that offers the hacker an opportunity to break into the company network.

• Phishing – A similar tactic, known as phishing, tricks unsuspecting employees into entering passwords onto malicious websites that might otherwise appear legitimate. Employee education is a critical part of network security. As a regular part of training, staff should learn how to recognize suspicious emails and understand the risks of opening unknown attachments.

• Web access – Restrict web access and warn staff about websites that might be malicious.

• Secure passwords – Employees should use strong passwords that include special characters, numbers and letters. Company policy can specify how often passwords need to be changed to further enhance security.

Detecting Possible Intrusions

Despite using state-of-the-art network security systems, it’s possible your network will experience an attack at some point in time. If this happens, you need to be able to detect the intrusion quickly so you can take remedial action to shut down the attacker and protect your network.

One way of detecting a successful attack is to watch out for unusual internet traffic. This may indicate the transfer of stolen data. Fortunately, routers and firewalls log all internet traffic. These logs record the size of each file, where it came from and the IP address it was sent to. Logs are then automatically analyzed, compared with normal internet traffic and any unusual data transfer is flagged and blocked.

Start Improving Your Network Security Now

Is your Milwaukee area business network missing one or more of these important security solutions? There is no better time than now to strengthen the security of your network and close loopholes before a hacker finds them first.

Apart from the embarrassment of losing sensitive customer data, you could suffer serious financial losses and ruin your company’s reputation.