The probability that your organization will experience a data breach or ransomware attack is on the rise. Preventing cyber attacks is crucial for protecting your organization’s reputation, preserving your data and operating your business without the risk of paying criminal hackers. Balancing ease of use and access to network resources with protecting your sensitive corporate information and the personal information of your employees and customers can be a challenge.
Failing to secure your network adequately can have devastating consequences. Organizations ranging from hospitals, school districts, and government and law enforcement agencies to businesses of all sizes have been impacted recently by ransomware attacks. The loss of sensitive information, the disruption to your regular operations, the financial losses incurred to restore your systems and files, and the damage done to your organization’s reputation by a ransomware attack can be catastrophic.
Dealing with breaches can also be overwhelming. Data breach notification laws are notoriously complex and vary from state to state. Failure to comply with these highly technical regulations can expose your organization to significant regulatory actions and private litigation. The best way to avoid the scrutiny and headaches caused by a data breach is by implementing responsible cybersecurity technologies and practices.
As threats grow more sophisticated, limiting security to a traditional firewall is no longer adequate for protecting your network. Your entire server infrastructure, armed with the latest innovations to prevent, detect, and recover from security attacks, should be your strongest defense against hackers and cybercriminals. The following are some essential measures you can take to strengthen your organization’s security posture and protect your network against cyber attacks.
Deploy Unified Threat Management or Next-Generation Firewalls
Stop threats at the edge with a unified threat management (UTM) firewall or a next-generation firewall (NGFW). UTMs combine the functions of a traditional firewall with intrusion prevention and antivirus. UTMs focus on simplicity and ease of use. They may be the ideal solution for a small to medium-sized organization.
Next-generation firewalls (NGFWs) bundle traditional firewall functionality with intrusion prevention, antivirus, and protocol filtering to block modern threats such as advanced malware and application-layer attacks. Along with better security and simplified management, NGFWs provide greater visibility and more control of network traffic.
Whether hardware- or software-based, UTM or NGFW, a firewall is only as good as the set of rules governing which packets are and are not allowed through. Proper configuration is the most important factor for ensuring maximum firewall protection. There are numerous ways attackers can exploit common configuration mistakes and errors in the rules you define for your firewall.
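As an added illustration (not code from this article or from any firewall vendor), the following audit flags three rule-set errors of the kind described above: allow rules that match any source and destination, rules that can never fire because an earlier rule already matches all of their traffic, and a missing default-deny at the end. The `Rule` model, the first-match-wins evaluation order, and the sample rules are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass

ANY = "0.0.0.0/0"
ALL_PORTS = range(0, 65536)

@dataclass(frozen=True)
class Rule:          # hypothetical simplified rule model, not a vendor format
    name: str
    action: str      # "allow" or "deny"
    src: str         # source CIDR
    dst: str         # destination CIDR
    ports: range     # destination ports, e.g. range(443, 444)

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matched by rule b is also matched by rule a."""
    net = ipaddress.ip_network
    return (net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst))
            and a.ports.start <= b.ports.start
            and b.ports.stop <= a.ports.stop)

def audit(rules):
    """Return (rule name, finding) pairs for a first-match-wins rule list."""
    findings = []
    for i, rule in enumerate(rules):
        if rule.action == "allow" and rule.src == ANY and rule.dst == ANY:
            findings.append((rule.name, "allow any-to-any"))
        for earlier in rules[:i]:
            if covers(earlier, rule):   # this rule can never be reached
                kind = "redundant" if earlier.action == rule.action else "shadowed"
                findings.append((rule.name, f"{kind} by {earlier.name}"))
                break
    catch_all = Rule("", "deny", ANY, ANY, ALL_PORTS)
    if not rules or rules[-1].action != "deny" or not covers(rules[-1], catch_all):
        findings.append(("<end>", "no final default-deny rule"))
    return findings

# Constructed sample rule set (documentation and private address ranges).
SAMPLE_RULES = [
    Rule("allow-web", "allow", ANY, "203.0.113.10/32", range(443, 444)),
    Rule("allow-mgmt", "allow", "10.0.0.0/8", "10.1.0.0/16", range(22, 23)),
    Rule("deny-lab-ssh", "deny", "10.9.0.0/16", "10.1.5.0/24", range(22, 23)),
    Rule("temp-any", "allow", ANY, ANY, ALL_PORTS),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_RULES):
        print(f"{name}: {finding}")
```

The `deny-lab-ssh` finding is the subtle one: the rule looks like a restriction, but the broader `allow-mgmt` rule above it matches the same traffic first, so the deny never takes effect.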
Deploy Web Application Firewalls
If you host a website or offer Exchange, Skype, FTP or other services to external users, you need a web application firewall (WAF). Network firewalls defend the perimeter of your network and provide some degree of application awareness; however, application-layer attacks bypass standard perimeter defenses. WAFs provide an additional level of granularity designed to protect web applications against common attacks such as SQL injection, cross-site scripting, and directory traversal.
Many organizations that process card payments online are turning to WAFs for Payment Card Industry Data Security Standard (PCI-DSS) compliance. PCI-DSS offers two alternatives for meeting the compliance requirement: WAFs and code review. Most organizations opt for WAFs because application code reviews can be costly and impractical.
Enforce Endpoint Security
Employ an endpoint security strategy that includes every device that connects to your network, including PCs, laptops, handhelds, and specialized equipment such as inventory scanners and point-of-sale terminals. Consider a next-generation endpoint (NGEP) solution. Traditional antivirus software only checks for signatures of known malware, making it susceptible to zero-day threats that exploit previously unknown security vulnerabilities. NGEP platforms take the extra step of analyzing processes, changes, and connections to identify suspicious activity that may indicate foul play.
Many NGEPs go beyond just detecting threats. They quickly identify, expose, and resolve threats, then rapidly update your endpoints to neutralize the threat the next time it is encountered. Look for NGEP solutions that provide unobtrusive protection and minimize the number of false positives they report.
Secure Wi-Fi Access Points
Wi-Fi networks should be secure and hidden. Hide your Wi-Fi network by setting up your wireless access points and routers so they do not broadcast their service set identifier (SSID). Password-protect access to all wireless routers on the network.
The use of personally-owned routers and access points for accessing your wireless network should be discouraged. The security measures built into most consumer-grade devices are not sufficient for protecting your network from cyber attacks. Additionally, these devices may be difficult to patch and configure properly.
Require Strong Passwords with Multi-Factor Authentication
Require network users to use strong passwords and to change them frequently. Implement multi-factor authentication that requires additional information beyond a password to gain entry. Check with vendors that handle your sensitive data, such as financial institutions, to confirm they support multi-factor authentication for accessing your account.
Ensure Employee Awareness and Accountability
Social engineering and phishing attacks pose significant threats to your network. These scams have been around for decades, and new scams are developed all the time. Keep your employees up to date on the latest social engineering and phishing scams and ensure they understand best practices to avoid becoming a victim and to keep your network safe. A commitment to cyber hygiene and adherence to current best practices is crucial for protecting your organization against cyber threats.
Back up your Important Business Data
To protect your organization against accidental deletion, database corruption, hardware failures, and natural disasters, you should back up the critical data on your network regularly. Daily backups should be performed on newly-created or modified files, and full backups should be performed on a weekly basis. Copies of the backed-up data should be stored securely offsite or in the cloud. An industry-suggested standard for backing up data is the 3-2-1 rule that states you should ideally have three copies of your data backed up on two different mediums, with one offsite copy of that backup data.
Test your backups regularly. Too many organizations invest substantial time and money backing up their data only to find the backed-up data can’t be restored when something goes wrong. Perform realistic tests that duplicate the conditions you will face during an actual restore. Systematically test restoring all types of data, from folders with subfolders to critical applications. Pay special attention to applications with complex database structures, such as Microsoft Exchange, that may cause problems.
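One way to make a restore test measurable, shown as an added example that is not part of the original article: hash every file in the source tree and in the restored tree, then report what is missing, unexpected, or different. The directory layout and file contents in `demo()` are constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def digests(root: Path) -> dict:
    """Map each file path (relative to root) to its SHA-256 digest."""
    out = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            h = hashlib.sha256()
            with path.open("rb") as f:
                for chunk in iter(lambda: f.read(1 << 20), b""):
                    h.update(chunk)
            out[path.relative_to(root).as_posix()] = h.hexdigest()
    return out

def verify_restore(source: Path, restored: Path) -> dict:
    """Compare a restored tree against the tree it was backed up from."""
    src, dst = digests(source), digests(restored)
    return {
        "missing": sorted(src.keys() - dst.keys()),
        "unexpected": sorted(dst.keys() - src.keys()),
        "corrupt": sorted(k for k in src.keys() & dst.keys() if src[k] != dst[k]),
    }

def demo() -> dict:
    """Build a constructed source tree and a deliberately flawed restore."""
    files = {  # constructed sample data, including nested subfolders
        "docs/policy.txt": b"v2",
        "docs/archive/2019/q1.csv": b"a,b\n",
        "db/mail/store.edb": b"\x00" * 4096,
    }
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "source"), Path(tmp, "restored")
        for rel, data in files.items():
            for base in (src, dst):
                (base / rel).parent.mkdir(parents=True, exist_ok=True)
                (base / rel).write_bytes(data)
        (dst / "docs/archive/2019/q1.csv").unlink()               # lost file
        (dst / "db/mail/store.edb").write_bytes(b"\x00" * 4095)   # truncated
        return verify_restore(src, dst)

if __name__ == "__main__":
    print(demo())
```

In production, compare the restore against a hash manifest recorded at backup time, because live source files keep changing after the backup is taken. A matching hash confirms the bytes came back intact; applications such as mail databases still need to be mounted and opened to prove they are usable.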
Monitor your Network for Suspicious Activity
Monitoring a network is an ongoing process that should be done daily. Many organizations implement expensive security tools, but fail to monitor the events they log, rendering these tools ineffective. Your organization should have procedures in place for identifying suspicious or malicious activity in the event logs and a plan for following up and responding to these events.
Perform Regular Penetration Testing
Regular penetration testing is your best proactive approach for detecting your network security strengths and weaknesses, and what data may be vulnerable to attack. Penetration testing will help you discover how attackers can gain unauthorized access to your environment through your email systems, firewalls, VPN tunnels, web servers and other network devices. Penetration testing should be performed at least once a year and each time your network infrastructure is significantly altered.
Cerium is Here to Help
The team at Cerium can work with you to proactively design and deploy security solutions that address your immediate needs and ensure alignment with your future technology initiatives. We offer leading-edge hardware and software network security solutions that target a wide range of threats and stop them from entering or spreading across your network. We also offer a variety of security testing, compliance audits, and assessment services to help you understand the current state of your security infrastructure and provide actionable recommendations for defending your network against cyber threats, including:
- Network Vulnerability Scans: A general vulnerability assessment to define your current security posture from two points of view: external border and internal network.
- Wi-Fi Security Testing: Examines the security of your wireless network design and topology. Reviews wireless components such as controllers, access points, client workstations and mobile device settings to ensure proper security measures are employed.
- VoIP Security Testing: Examines your VoIP system to uncover security vulnerabilities.
- Penetration Testing: A proactive approach to network security, penetration testing exposes weaknesses in your network’s security that hackers can exploit through your email systems, firewalls, VPN tunnels, web servers, and other network devices.
- Web Application Penetration Testing: A thorough process for testing the security of your Web applications that includes fabricated malicious attacks to test your defenses.
- Social Engineering Testing: A range of phishing tests to ensure your employees are aware of the latest scams used to gain access to your confidential business secrets or reveal information about usernames and passwords.
- Regulatory Compliance Audits: Meet industry compliance requirements and avoid penalties. Our audits evaluate and demonstrate your compliance with HIPAA/HITECH, HITRUST, GDPR, PCI-DSS, and other regulatory requirements.
Contact Cerium today to learn more about how we can help make your network more secure.