6 simple things that can make your network vulnerable

Mar 13, 2017 - by Brendan Lee

There are some simple things you can do on your network to make it more secure, so we have put together 6 easy steps you can take to improve your network security. If you would like more information on any of this, please contact info@qdoscc.com.
 
1) Passwords – So often we see passwords for user accounts, mailboxes or the wireless key written down on a post-it stuck to someone’s screen for everyone to see. Furthermore, they are often basic words or sequences - my recent favourite is abc123! And the main threat here isn’t necessarily how basic the password may be, but that the password has not been changed for years. This means ex-employees can still gain access to your network via Wi-Fi, they can access the info@ mailbox and may even be able to log into the servers. Passwords need to be complex, but they also must change regularly. Avoid using the same password for different accounts and services – if one account gets hacked, everything else protected by the same password is also at risk. Many companies choose to implement two-factor authentication, which requires a code that can be sent to a mobile device, to increase the security of a service – this is easy enough to implement and may well prevent a breach in your company.
 
2) Old kit – This goes without saying, but a lot of SMBs avoid spending the right money on their hardware. Servers, workstations, switches, printers – everything you use in your office will only last so long. Have a plan to replace or upgrade certain kit after so many years of use to avoid it failing on you. Remember, if your server stops working it’s likely your business will too.
 
3) Antivirus / antimalware protection – Cyber threats are continually on the rise and it is so important that you protect your computers and your data. Ransomware is one of the latest dangers we see regularly, where all of a company’s data can be fully encrypted and rendered useless unless a fee is paid in Bitcoin. This can be so costly to a company, not just from the ransom fee, but from company downtime, lost files, and support fees to IT technicians to attempt to eradicate the threat and restore data. Ensure your antivirus is up to date and invest in antimalware protection – antivirus alone is arguably not sufficient anymore.
 
4) User permissions – All user accounts should have minimal rights: just enough to work day to day, but not enough to install software or log into servers etc. So often we see day-to-day users logged in to their computer with full admin rights on their workstation because they wanted to install iTunes three years ago or run an Adobe Flash update. The problem here is that viruses and malware use these elevated permissions to install malicious items on your workstation in the root of your Windows directory. Take away admin rights, and the threat can’t automatically infect your system files.
 
5) Backups – Every business thinks their network and data are safe and backed up fine until the time comes when a disaster occurs and the backups are required. That’s when it becomes apparent that backup tapes or drives haven’t been swapped out for 6 months, that the backup server ran out of disk space a year ago and that the cloud backup is corrupt due to a malware attack earlier that year. Backups need to be checked regularly to ensure the integrity of the data – run a test restore and confirm recently edited data is there. And never back up to just one location. Invest time and money now into your backups and save so much cost in a disaster situation.
 
6) Remote access – There are always times when users require access to company data whilst out of the office, so remote access is essential for some companies. But this can leave your network vulnerable if not done correctly, so grant remote access on a “needs must” basis to limit the number of people with remote access rights. And when using VPNs or remote desktop sessions, ensure they are secure, encrypted connections. Using cloud services? Whilst your internal network is less vulnerable, your company data is only a username and password away from being breached – no settings or configuration required. Regularly evaluate your remote access protocol and make the necessary changes!
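
The test restore described in step 5 can be scripted. The following Python sketch is an added example, not part of the original article: it compares a restored copy against the live data by SHA-256 and reports files that are missing or differ, plus how many recently edited files came back intact. The folder layout, file names and the 7-day window are constructed assumptions.

```python
import hashlib
import tempfile
import time
from pathlib import Path

def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def verify_restore(source_dir, restored_dir, recent_days=7, now=None):
    """Compare live data with a test restore; run it straight after a backup job."""
    now = time.time() if now is None else now
    cutoff = now - recent_days * 86400
    source_dir, restored_dir = Path(source_dir), Path(restored_dir)
    report = {"checked": 0, "missing": [], "mismatch": [], "recent_ok": 0}
    for src in sorted(p for p in source_dir.rglob("*") if p.is_file()):
        rel = src.relative_to(source_dir)
        restored = restored_dir / rel
        report["checked"] += 1
        if not restored.is_file():
            report["missing"].append(rel.as_posix())    # never made it into the backup
        elif sha256_of(src) != sha256_of(restored):
            report["mismatch"].append(rel.as_posix())   # outdated copy or corrupt backup
        elif src.stat().st_mtime >= cutoff:
            report["recent_ok"] += 1                    # recently edited and restored intact
    report["passed"] = not report["missing"] and not report["mismatch"]
    return report

def demo():
    """Constructed sample: a backup that stopped picking up changes months ago."""
    root = Path(tempfile.mkdtemp())
    live, restored = root / "live", root / "restored"
    live.mkdir()
    restored.mkdir()
    (live / "old.txt").write_text("unchanged")
    (restored / "old.txt").write_text("unchanged")
    (live / "quotes.csv").write_text("edited this week")
    (restored / "quotes.csv").write_text("version from six months ago")
    (live / "new-client.docx").write_text("created yesterday")
    return verify_restore(live, restored)

if __name__ == "__main__":
    print(demo())
```

A file edited after the backup ran will also show up as a mismatch, so compare against a restore of the most recent job and treat any entry under `missing` or `mismatch` as something to investigate.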
