Network security is one of the most fundamental components of a comprehensive IT strategy. However, some IT providers fail to recognize the importance of having redundancy and layers of network security. Let’s take a look at the ideal approach towards network security – using multiple layers of protection to ensure your network stays safe.
Email Security – Spam Filtering
Email is one of the most common attack methods for hackers. It is very easy for a hacker to send an email to one of your employees that appears to come from a legitimate source. These emails will often have attachments that appear to be valid, but are actually viruses and malware in disguise. A good email security solution, with spam filtering and strict delivery rules (e.g. not allowing executable file extensions as attachments), helps to prevent infected emails from coming into your business. Office 365, the cloud version of Microsoft Exchange, has built-in spam filtering and malware detection to protect users.
Firewall
Your firewall is what stands between your internal network and the outside world. We’ve talked before about the benefits of an advanced, next-gen firewall (see our blog post from August, Not All Firewalls Are Created Equal). One of the primary benefits of a next-gen firewall is that they are typically automatically updated with virus and malware definitions and other intrusion prevention data to block against the newest cyber-threats. It is vital to keep a firewall up-to-date as the threat landscape changes daily. Traditional firewalls are more difficult to keep up-to-date, although it is possible.
Anti-Virus
Having a robust anti-virus system is vital to protecting individual PCs. A good anti-virus program will automatically update its virus definitions, actively protect against malicious applications, and run regular scans of a PC to ensure nothing is hiding in the dark corners of the operating system. In addition, adding a secondary scanner that runs periodically, so long as it does not conflict with the primary anti-virus, is a good sanity-check to make sure that a PC is truly protected.
Employee Education
One of the most under-discussed but vital elements to comprehensive network security is employee education. The most common method for hackers to access sensitive information or systems is through “Social Engineering”. This involves a hacker convincing an employee or owner that they are a legitimate contact, and receiving credentials or access by fooling that person. Many of the biggest hacks or data breaches in history have been performed through Social Engineering. Thus, it’s extremely important for your employees to be aware of Social Engineering techniques, such as Phishing (see our July blog, Phishing – Don’t Get Caught). Employees should know to check with management or IT about any potential scams or questionable emails that come in, particularly those requesting passwords, money, or for the employee to follow a link and login somewhere. The last of these, a login page, is a very common way to obtain email credentials, as the link will lead to a fake website that appears to be real (for instance, the Gmail login page). The employee then enters their info thinking they are logging in, when in fact they are just sending their credentials to a hacker. Obtaining access to one account, especially personal email, is a very easy way for a hacker to get access to the rest of a victim’s accounts.
By focusing on each layer of network security, and making sure industry-leading solutions are in place for each layer, a company can rest assured that their network is protected. Here at Layered Systems, we take network security extremely seriously. To learn more about how to strengthen your network security, or to discuss potential vulnerabilities you may have, Contact Us today.