From foreign governments to domestic villains, hackers have made big headlines in the first half of 2013. Fears range from the next virus to cyber attacks that take down nationwide utilities or telecommunications. It is quite possible that Network Security (or Cyber Security) will soon rise to the level of the Y2K scare from the turn of the millennium. Unfortunately, the hyperbole that drives the media will not make your network more secure, nor will many of the “experts” that will be created during the frenzy. The good news is that Network Security is computer science, not rocket science, and it begins with solid fundamentals.
DESIGN. Good Network Security begins with solid network design. As an ISP or NSP, your network is only as solid as your upstream provider(s) – the first consideration in your network design. From there, security needs to be integral in the design of your own network infrastructure. While it is tempting to use consumer grade equipment in your network, low-end devices are rarely designed with security as a top priority, and often lack ongoing support to keep them up to date. The same applies to Operating Systems. Multi-user is not the same as true enterprise class. Deploy secure network segments (VPN) where needed, do not rely on simple Network Address Translation to protect your valuable data or equipment – NAT is not security. Secure networks fundamentally rely on an OS that is designed with security in mind and has updates available as technology and threats change.
MAINTENANCE. From firmware (think BIOS) to Daemon (think Web or Mail Server software) to your OS, updates need to be installed once they are field proven. Whether a Patch Level Update (PLU) or a full upgrade to a new version, security fixes should be installed as they become available. This applies to your ROUTERS too. Put your trust in someone who is a full-time administrator who is an expert in the field and who stays abreast of necessary changes. Legacy equipment that is no longer supported by the manufacturer is inherently insecure. Make replacement of obsolete equipment a part of your security budget.
MONITORING. Monitoring your network and reviewing the relevant logs greatly increases your odds of finding a breach, or even an attempt. Monitoring the activity and performance of your network is a critical component of a secure network.
Those of you who are First Network Group IT Services Customers already work with a security savvy IT staff who can deliver a level of Network Security that will let you sleep at night. If you are not yet working with the FNGi IT Services staff, contact Randy Carpenter, VP of IT Services or 1-800-578-6381 option 1 to get started today.
Steve
Stephen C. Walter, President/CEO