Our last article listed the four biggest threats to your network security at the moment. This time its about how to protect your network from those 4 biggest threats. So whether you have an in-house IT department or you are outsourcing your IT support, these are our recommendations to protect your network…
Only trusted devices
Plenty of people are wanting to get onto your network. Most are valid – your staff and some suppliers. Some are not – the threat actors we discussed last time. Those you trust are also likely to want to use various devices to add or access data on your network. Many of the devices will be owned by your business (laptops, desktops etc.), but some may not be. If you have a BYOD policy for phones or use varying numbers of contractors throughout the year, you need to seriously consider how they access your network.
Use Single Sign On
For 3rd party SaaS applications used by your staff, Single Sign On (SSO) is the best way to manage their access and to help productivity.
Single Sign On means a user only logs on once and is then able to get into multiple applications. It also means that there is just one place to make changes if you need to disable access for someone.
An analogy to help people understand this: pubs check you are old enough at the door and then you are able to buy drinks during the time you are there, rather than being checked every time you go to the bar.
Having SSO in place allows you to implement stronger password policies. Users will be far more tolerant of stronger passwords if they only have to enter it once a day. SSO also simplifies the control and management of passwords, with just one place for policy changes to be enforced.
Controlling BYOD devices
If you allow BYOD devices, you need access and control over those devices. Ensure that any company data, that is going to be stored on that device, is encrypted. You must also make sure you are able to remotely wipe your data.
If that device is compromised (either lost or access by unauthorised actors), you need to be confident that the data isn’t easily visible. You need to be sure you can delete it so that it doesn’t fall into the wrong hands.
Maintaining Security Updates
All applications issue security updates regularly. These are either scheduled, as they work to improve security, or one-off releases, as a weakness is identified and responded to. Your IT team should be installing security updates as soon as they are released, on your network and for 3rd party applications.
If you don’t you are, effectively, leaving the door open. If a threat actor “walks past”, there’s a good chance they will walk in.
To Protect your network, you need to take steps. After all, protecting your network means to protecting your business. the majority of businesses who experience a breach no longer exist six months later. If you want to be protected, let’s talk and see how we can help.