So, it’s Cyber Security, right?
Well, not quite. Cyber Security is a vast topic with many elements to be broken down and discussed (see our article Cyber Security Precautions and Planning). However, at the core of a solid Cyber Security strategy is your Network Security.
Network security focuses on the specific protection of your files and data, as well as on limiting the ability of someone to traverse your internal channels and networks across the entire organisation. A well-implemented network security system blocks access to, or modification of, secure information by viruses, malware, hackers, etc.
Why focus on “Network Security”?
Many parts of your business have vulnerabilities and areas that are prone to exposure. Of course, the aim of the aforementioned Cyber Security plan is to protect anything that is exposed. However, although the security at the bank starts at the front door, the closer you get to the money, the tighter the protection gets. This is exactly the way to think about your infrastructure. Even if someone were able to sneak through any possible avenue available – how far could they get? Network security is like that vault in the bank; you start from the inside out. Protect what is most contained and most valuable first.
How do I start with Network Security?
Firstly, you need to understand your network. You need to understand the complete topology and the interconnecting networks within your network. If one person has access to a set of data, what else can they access? Where do their credentials take them? Then think of the next level: what if someone with elevated credentials becomes exposed? If this were a hacker, where could they travel to next?
You need to understand your internal highways and what roads lead where. You also need to identify your “crown jewels”. What is most important to your organisation and what would cause the most harm if exposed to the wrong person? The chances are it is anything to do with people. Where PII (personally identifiable information) is involved there is the risk of significant harm to your business. This was reinforced by the Australian Government’s 2018 update to the Privacy Act 1988, Notifiable Data Breaches: if you incur a breach that includes the loss of information and is likely to result in harm without guaranteed resolution, it must be reported to the OAIC, and you may need to make public releases informing your users of the exposure.
Once I understand my network, and know the valuables, what’s next?
Understanding is a huge part of the journey. Now you need to focus on authentication and isolation. Isolate those individual critical elements and ensure you have the highest levels of authentication – more than just a ‘tricky’ password. A password can be hacked (either by brute force or simply by accidental exposure), but by using multi-factor authentication you reduce the risk of direct access via simple password exposure to an infinitesimal level.
As you follow the breadcrumbs you can continue to enhance the security and protection of each individual service and segregated element as you work your way outwards to the perimeter. Using a deep understanding of your critical paths and working your way outwards you can protect what is most valuable, and ensure that an intruder is bound by perimeters.
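As an added illustration (not part of the original article), the "where do their credentials take them?" exercise can be modelled as a graph search from an exposed account to the crown jewels. The system names and access links below are constructed, and treating an isolated or MFA-protected system as unreachable with a stolen password is a simplifying assumption.

```python
from collections import deque

# Constructed sample environment (hypothetical names, not from the article).
# Each key can reach the listed systems directly, through its credentials,
# stored secrets or open network routes.
ACCESS = {
    "reception-pc": ["file-share", "intranet"],
    "intranet": ["hr-app"],
    "file-share": ["backup-server"],
    "backup-server": ["customer-db"],  # backups hold a database service account
    "hr-app": ["customer-db"],
    "it-admin": ["backup-server", "firewall-mgmt", "hr-app"],
}
CROWN_JEWELS = {"customer-db"}  # systems holding PII


def reachable_paths(start, access, blocked=frozenset()):
    """Breadth-first search: shortest path from start to each reachable system.
    Systems in `blocked` are assumed isolated or MFA-protected, so a stolen
    password alone does not get in."""
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in access.get(node, []):
            if nxt in blocked or nxt in paths:
                continue
            paths[nxt] = paths[node] + [nxt]
            queue.append(nxt)
    return paths


def exposure(start, access, jewels, blocked=frozenset()):
    """Crown jewels reachable from an exposed account, with the route taken."""
    paths = reachable_paths(start, access, blocked)
    return {j: paths[j] for j in jewels if j in paths}


def choke_points(start, access, jewels):
    """Systems whose protection on its own cuts every route to the jewels."""
    candidates = set(reachable_paths(start, access)) - {start}
    return sorted(n for n in candidates
                  if not exposure(start, access, jewels, blocked={n}))


if __name__ == "__main__":
    for account in ("reception-pc", "it-admin"):
        print(account, "->", exposure(account, ACCESS, CROWN_JEWELS))
    print("single choke points:", choke_points("reception-pc", ACCESS, CROWN_JEWELS))
```

In this sample, protecting any one intermediate system still leaves another route to the database. Only protecting the database itself cuts every path, which is the inside-out ordering described above.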
Most organisations will have a firewall/unified threat manager in place, but there are several other layers of protection required to properly secure your network: VPN tool management, wireless protection, email & spam protection, content filtering, mobile device management security and Security Information and Event Management (SIEM) to name a few.
The idea of total protection is a great concept and an absolute aim, but let’s start by protecting your core. Focus on network security, and protect your people, your customers, their information, and all that is most significant to your business.
andersenIT is offering customers a free network and security assessment in March which will provide the insights you need in making that next step.