Strip Down to the basics.

The usual approach is to disable what you don't need and keep everything else. Think instead in terms of enabling only what's absolutely necessary and disabling everything else. This approach encourages a more secure network structure.

Map your network environment.

You can't manage network security unless you fully understand your network environment. Mapping the network, keeping the map up to date and regularly checking it for unauthorised changes (such as the addition of modems or wireless network access points that might be compromised by intruders) are therefore essential for maintaining a good level of security.
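One way to check a map for unauthorised changes, as an added example that is not part of the original checklist. The inventory format, addresses and device names are constructed for illustration, and the survey is assumed to come from whatever discovery method you already use.

```python
import csv
import io

# Constructed sample data: the approved network map and a later survey.
BASELINE = """ip,mac,description
10.0.0.1,00:11:22:33:44:01,core router
10.0.0.10,00:11:22:33:44:10,file server
10.0.0.20,00:11:22:33:44:20,finance workstation
10.0.0.30,00:11:22:33:44:30,print server
"""
SURVEY = """ip,mac,description
10.0.0.1,00-11-22-33-44-01,core router
10.0.0.10,00:11:22:33:44:10,file server
10.0.0.25,00:11:22:33:44:20,finance workstation
10.0.0.77,AA:BB:CC:DD:EE:77,unknown wireless access point
"""

def normalise_mac(mac):
    """Reduce a MAC to lowercase hex so 00-11-.. and 00:11:.. compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"malformed MAC address: {mac!r}")
    return digits

def load_map(text):
    """Parse an inventory into {mac: (ip, description)}."""
    return {normalise_mac(r["mac"]): (r["ip"].strip(), r["description"].strip())
            for r in csv.DictReader(io.StringIO(text))}

def diff_maps(baseline_text, survey_text):
    """Return sorted (kind, ip, detail) findings for every deviation from the map."""
    base, seen = load_map(baseline_text), load_map(survey_text)
    findings = []
    for mac, (ip, desc) in seen.items():
        if mac not in base:                 # device never approved on the map
            findings.append(("unauthorised", ip, desc))
        elif base[mac][0] != ip:            # known device at a different address
            findings.append(("moved", ip, f"{desc} was {base[mac][0]}"))
    for mac, (ip, desc) in base.items():
        if mac not in seen:                 # approved device no longer observed
            findings.append(("missing", ip, desc))
    return sorted(findings)

if __name__ == "__main__":
    for kind, ip, detail in diff_maps(BASELINE, SURVEY):
        print(f"{kind:13} {ip:12} {detail}")
```

Keying the comparison on the hardware address rather than the IP means a device that has simply been re-addressed is reported as moved, while a device never recorded on the map is reported as unauthorised.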

Create a security policy.

Putting a security policy together is not a complicated process, but just developing the policy isn't enough. Firstly, employees at every level must be educated about the policy and its reasons. Secondly, the policy must be enforced and regularly updated.

Understand your OS.

Most operating systems come with a range of security features, such as password management and encryption. It's important to understand all the security features available.

Passwords.

System and screen saver passwords offer a simple way to prevent casual unauthorised access. Ensure all users understand the benefits of mixing upper and lower case characters with numbers in their passwords, avoiding the use of recognisable words. Ensure passwords are changed on a regular basis and that users refrain from writing them down or passing them on to colleagues.

Ditch the Disc Drive.

Many computer users in a network environment have little use for the CD-ROM drives, floppy disk drives, and ports that come as standard with their PCs, as the servers handle all the document transferring. Disabling these features means they can't be used to introduce unauthorised software, unwanted viruses and modems to the secure network.

Subscribe to Security Alerts.

A number of organisations offer free alert services that enable you to keep tabs on new security threats and vulnerabilities and how to deal with the newly discovered problems.

www.securityfocus.com
http://xforce.iss.net
www.mipc.gov/cybernotes

Download patches and updates.

The recent Code Red worm exploits a vulnerability in Microsoft's IIS Server for which a patch was available at least a month before it struck. Had the patches been applied, the Code Red worm would never have been so virulent to the Internet community. Apply security patches and test to verify integrity.

Install Anti Virus Software.

It is essential that Anti Virus software is installed and regularly updated.

Check System Logs.

Firewall, router and OS system logs provide extremely useful information on the health of a network, yet it's surprising how seldom they are used. Regular checking of these logs for anomalies can pay dividends because they act as an early warning system for security threats.

Protect Sensitive Data.

Ensure that backups of critical data are made every working day, preferably off site as well as on site. Ensure sensitive data is kept away from prying eyes. Ensure old hard drives or other storage devices are formatted before disposal. Ensure backups are catalogued so that missing data can easily be identified and tracked.

Use a Firewall System when connected to the Internet.

A Firewall prevents intruders from entering a private network. Networks are guarded by hardware firewalls, while dialup PCs are normally protected by software firewalls. Hacking attempts are usually directed at a range of IP addresses. It's well known that operating systems contain bugs, and therefore all systems have weaknesses. When a system is connected to the Internet, an unlimited number of hackers could be waiting to exploit your system. Hackers will leave Trojans on your system, which will allow them to gain passwords and to have sensitive data, such as credit card details, broadcast to them.

Install Security Cameras.

Security Cameras can follow every move on the outside and inside, especially when contractors are working in your computer room.

Security checklist for E-Tailers.

Ensure that your network is secure and that credit card data is encrypted using at least 128-bit Secure Sockets Layer protocols. Always make sure that consumer data is stored separately from card data on servers behind firewalls. Ensure the connection to your bank is fully encrypted. Ensure your payment authorisers offer AVS (Address Verification Services) and that the links to them are secure.