The 10 Commandments of IT Security

IT Security Commandment #2: Thou Shalt Protect Your Network

They say the best offense is a strong defense and in the world of information technology security that means installing and continually updating multiple layers of security. This commandment focuses on putting in key hardware and software that can be used to protect your network and employ the “multiple layers of IT security” strategy.

IT Security and the Technology That Protects Your Network

Spam Filtering. Many email providers often include this as part of their offering with an email account, but not always. The importance of this basic IT security layer cannot be overstated. Spam filtering software identifies incoming dangerous and/or unwanted emails from attackers, especially those using phishing as a means to attack a network or an individual user. These applications use a variety of filters to sieve out bad emails by looking at content, headers, links, languages of anything coming toward your inbox.

Backup. This is one of the first antes of this commandment. Put a backup in place for all important data and applications. In easy-to-understand terms, a backup is simply a copy of files from your computer/device/server/network. The backup software runs regularly and stores multiple versions over time. There are loads of backup options from which to choose, but any is better than none! A backup is a defense against a cyberattack as well as protection against natural disasters. We recommend storing the backup both locally and in the cloud. When any havoc (e.g., cyberattack, corrupted data, deleted files) occurs to destroy the network, the backup files are used to restore things and get you back in business.

Note that there is a key difference in types of backups. An “Image” backup copies everything from a source to the backup files—both data (e.g., Microsoft Word documents) and applications (e.g., the Microsoft Word software application). A “data” backup only copies the data (e.g., Microsoft Word documents, not the application itself). In the event an incident that requires a full recovery, having a full image backup will ease and speed up the recovery process.

BDR Appliance. For organizations where downtime must be avoided, another layer of security that can facilitate that goal beyond a basic backup is a BDR (Business Disaster and Recovery) appliance. Purchasing, installing, and maintaining a BDR has a high return when compared to the cost of downtime and a business loss. In short, this type of device acts as an all-in-one backup application, backup storage device, and standby server to run a business if a disaster strikes.

Firewall. Ensure a hardware firewall is in place, updated with all security features enabled. A firewall acts as a security guard. It watches anything that tries to get access to your network from the internet and stops any intruder that is unwanted or unrecognized. A firewall can also block specific content that you do not want available through your network for security and/or employee productivity reasons.

Encryption. This security layer is an ongoing tool that scrambles any plain text to ensure that only the intended recipient of that text can read it. This can be used to protect data that is sent, received, and stored on any device. It turns text in to cypher text that allows only those with the encryption key to unscramble the message and/or data. You encounter encryption daily on most legitimate websites that use encryption protection with Secure Socket Layers (SSL) which enables encrypting data sent to and from a website. The “s” in https:// is proof that this is in place. Additionally, it is highly recommended that personal devices such as laptops be encrypted to prevent untoward actors from accessing anything. On a Windows PC, it is as easy as turning on device encryption within your settings menu but be sure to keep your encryption key safe and secure.

Next Generation AV or EDR (Endpoint Detection and Response). We highly recommend organizations of all sizes install NextGen AV or EDR into their networks. This takes antivirus to the next and more proactive level. EDR builds on basic antivirus software by acting as the information hub for an entire network. It collects and analyzes what is going on with all endpoints connected to a network. Collection agents on the network report back continually on potential attack vectors and enable automated response mechanisms—the first of which is to contain the attacking item. Using AI software as well as human intelligence ensures that the issue is investigated and eliminates the problem if it is confirmed to be an attack.

This 2nd commandment of IT security as outlined here involves quite a number of recommendations for hardware and applications to reduce the vulnerability of your organization’s network. The folks at IT Radix are here to help you and your organization behave properly to keep things secure and productive! Contact us today for more ways to protect yourself and your team.