According to a 2019 survey conducted by Fortinet, as many as 74% of companies have experienced a security breach of their IT systems. Despite the intensive work of the government or law enforcement agencies on cyber security, it is worth remembering to implement your own policies to protect the company network.
Security of corporate networks is a priority for enterprises and at the same time, as the Fortinet study shows, their weakest point. The range of cyber threats is gradually widening as information technology develops. Neglecting this issue can lead to data leakage, financial loss, loss of trust and even harm to health.
What are the vulnerabilities related to cyber security?
Malicious software, phishing, spyware and mobile hacking are the most common cyber threats. Businesses are aware of the problem; the main reasons for it are:
- Poor visibility: nearly 80% of companies have limited insight into their security status, which is why it is so difficult to detect suspicious activity and respond
- Too few cyber security specialists
- Little time to assimilate all the changes in cyber security. Changes in this area happen constantly, and it is difficult for businesses to keep up with them all and act effectively
- Network complexity – monitoring multiple devices at once requires knowledge, time and discipline because each device stores data differently and is configured differently.
What steps should you take if you want to ensure the security of your corporate network?
First of all, it is worth preparing the enterprise for these steps so that threats can be prevented. Protecting against cyber attacks requires implementing comprehensive measures:
- Prepare an inventory of authorized and unauthorized devices and applications. It is worth scanning active IP addresses and analyzing network traffic. Updating your devices will greatly limit unauthorized user access and allow you to track such users down more easily.
- Hardware configuration in the company. It is worth reviewing software, computers and laptops for unnecessary programs, applications, games, etc. Are you sure there are no vulnerabilities in the company's software?
- Configuration of network devices such as firewalls, routers and switches. This can be done through ingress and egress filtering, which secures communications and leaves ports open for business purposes only.
- Access control. Company employees have access to many data resources. It is worth monitoring access data and making sure you know who has access to what and how it is stored, so that you can react at the right moment (e.g., to security threats).
- Monitor administrator privileges. In many cases, the administrator has too much access to data. It is a good idea to give the administrator two accounts: one admin account and one with limited privileges. You also need to check whether the username and password have been changed on all devices.
- Properly designed network. This is the basis for the protection of a corporate network: without proper design and implementation, no security will work. Security issues must be taken into account already at the network planning stage. DNS servers should be implemented in a hierarchical structure, and DNS queries sent by computers should go to intranet DNS servers, not to servers on the Internet.
- Back-up. When someone hacks into the system and infects it, they may also make various changes to the data, which will be difficult to recover if there are no backups on a separate device. Make backups of data, system and applications, preferably systematically and on an ongoing basis. The backups should be encrypted.
- Security training for employees. It is important to train employees so that they are aware of cyber threats and their own impact. Training on how to create secure passwords and instruction on how to open attachments from mail, cloud storage, etc. will come in handy.
- SSL certificate and cloud solutions. The SSL protocol is a guarantee of data confidentiality and of the company's credibility. The cloud, on the other hand, is an increasingly popular solution that excels in data encryption and increases the efficiency of business processes, such as remote working. Data security in the cloud is regulated by law.
- Good hosting on high-performance servers. SSD drives from a provider that offers flexible PHP customization will be best. For data security, the location of the servers and where the company is registered (preferably in Poland in a well-secured place) are important. An EU guarantee of cloud quality is ISO 2700 certification.
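As an added illustration of the inventory and DNS points in the list above (this is not code from the article; the addresses, the flow-record format and the policy sets are constructed assumptions), the following Python script audits flow records for hosts missing from the authorized inventory and for clients sending DNS queries to servers other than the intranet resolvers:

```python
import ipaddress

# Assumed site policy (constructed values, not taken from the article)
AUTHORIZED_HOSTS = {"10.0.1.10", "10.0.1.11", "10.0.1.53"}
INTERNAL_RESOLVERS = {"10.0.1.53"}
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed flow records in a hypothetical format: "src dst proto dport"
SAMPLE_FLOWS = """\
10.0.1.10 10.0.1.53 udp 53
10.0.1.11 198.51.100.53 udp 53
10.0.1.77 10.0.1.53 udp 53
10.0.1.53 192.0.2.1 udp 53
10.0.1.10 203.0.113.5 tcp 443
10.0.1.77 198.51.100.9 tcp 53
malformed line
"""

def parse_flows(text):
    """Yield (src, dst, proto, dport) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        try:
            src = ipaddress.ip_address(parts[0])
            dst = ipaddress.ip_address(parts[1])
        except ValueError:
            continue
        yield src, dst, parts[2].lower(), int(parts[3])

def audit(text):
    """Return (unknown internal hosts, DNS flows that bypass the resolvers)."""
    unknown, direct_dns = set(), set()
    for src, dst, proto, dport in parse_flows(text):
        # Inventory check: internal source address not in the authorized list
        if src in INTERNAL_NET and str(src) not in AUTHORIZED_HOSTS:
            unknown.add(str(src))
        # DNS check: only the resolvers themselves may query outside servers
        is_dns = dport == 53 and proto in ("udp", "tcp")
        if (is_dns and str(src) not in INTERNAL_RESOLVERS
                and str(dst) not in INTERNAL_RESOLVERS):
            direct_dns.add((str(src), str(dst)))
    return sorted(unknown), sorted(direct_dns)

if __name__ == "__main__":
    print(audit(SAMPLE_FLOWS))
```

The check covers plain DNS on port 53 only; DNS over TLS or HTTPS uses other ports and would need separate handling.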
Hosting at ITH
Fast and stable hosting, high-performance SSD servers and the SSL protocol are among the main points of our offer. We are specialists in the telecommunications services market, and we direct our services to SMEs, startups, as well as large enterprises, public institutions, developers, financial institutions and telecommunications operators. From the beginning of our cooperation, we emphasize a partnership approach and compliance with RODO (GDPR) regulations. We invite you to take advantage of our services and protect yourself from cyber threats.