Thanks to the internet, individuals, businesses and computer systems can now share sensitive data with one another more easily than ever before, but there’s a downside to this near-universal connectivity: network attacks are becoming more and more prevalent. According to a recent PwC Global Economic Crime Survey, 32% of organizations have experienced illegal data breaches, making cybercrime the second-most reported economic crime in the world. At the same time, IBM reports that within the U.S., the average data breach ends up costing the targeted business approximately $7.35 million.
Attacks, moreover, are becoming more frequent.
With so many threats and so much at stake, even the best network security teams are struggling to keep up. The good news is that there are measures you can take to protect your business against the range of cyber-security dangers that threaten it. We’ve compiled them into a single list of nine network security best practices. Read on to see how, with a little prevention, you can optimize your network security plans for 2018.
The 2018 Network Security Best Practice Checklist
Network attacks are evolving, and yesterday’s solutions may not be enough to counter tomorrow’s threats. This is why one of the most essential — yet most basic — network security best practices is keeping your antivirus software current. Effective, up-to-date antivirus software will incorporate tested solutions to some of the most recent known exploits. As such, software updates should be installed as soon as they become available. The most effective antivirus options can protect you in over 90% of instances. However, no single solution is foolproof, and as threats become more advanced, ongoing antivirus audits and supplemental systems are becoming just as important as installing the latest patches.
We tend to view our networks as walled fortresses trying to repel incoming enemy attacks, but in truth sometimes it’s the people inside the walls who are the bigger danger. Nearly 75% of all data breaches are a direct result of insider threats — and of those threats, 68% can be attributed to employee or contractor negligence (only 22% of insider threats are intentional). The solution? Improved network visibility. Constantly monitoring users within your network may be the single most important security policy you adopt. After all, if you can’t see it, you can’t secure it. By tracking internal network use, you can improve your situational awareness and see what actions may be compromising your network security. You can then move to correct those actions before they turn into something more serious.
While unintentional insider threats may be the more widespread problem, intentional ones — where authorized users attempt to steal valuable data — can still cause major damage. In many cases, these kinds of attacks happen as a result of disgruntled employees (or former employees) using their network permissions to access sensitive information. Most businesses have different levels of privileged users, but giving anyone access to everything is a huge risk. Never grant any of your users authorization to access security logs, and be sure to provide and enforce network-use guidelines for anyone with permission to access network data. Also, be aware of the dangers of BYOD and IoT devices connecting to your network, as these devices can also carry malicious programs or lead to data being taken off premises.
When it comes to network security, we sometimes err on the side of caution. For example, even though certain tools are designed to be more effective with certain kinds of traffic, many organizations still send all of their network traffic to all of their security tools. Unfortunately, with network speeds, data volume and the number of business applications all increasing, security tools are being pushed beyond the capacity they are built to handle. This increases cost while also slowing down business applications and, ironically enough, leaving networks more open to attack. A much better solution is to give your security tools access to only the traffic they need to analyze while preventing access to the traffic they don’t need to see. A next-generation network packet broker, purpose-built for security solutions, can provide traffic intelligence features such as metadata, application session filtering, SSL decryption, masking and more to ensure that appropriate traffic is being optimally routed to inline and out-of-band security tools. This not only improves network security but also allows for faster application and network performance.
Your organization isn’t the only one that wants to keep your network safe from intruders. Users have a vested interest in ensuring that their sensitive data is kept out of malicious hands, and that means that the government is likewise interested. Federal and other government rules exist to help ensure data security, and businesses and other organizations are expected to comply. Regulations (such as HIPAA, ISO, and PCI DSS) may seem like an extra hassle, but they provide a number of reliable network security best practices around policies and procedures that can keep your customers and your business safe. If you want to keep your network secure in 2018 and beyond, don’t let your compliance slip.
Speaking of regulation and policy, sometimes setting clear expectations and guidelines for your employees can mean the difference between secure and unsecured networks. This will help network users better recognize what is and what is not acceptable user behavior. Perform a network security risk analysis and see what areas your policy most needs to cover. Of course, guidelines are only useful when employees internalize them. Given the massive amounts of employee onboarding most organizations put their new hires through, it’s not surprising that many employees fail to give network security policies more than a cursory glance. To make sure that employees are contributing to network security, provide ongoing security-policy training, including what to do in real-life situations. Also, keep a security-policy expert on hand, so that when users need further clarification they have someone they can go to.
One important thing to remember about digital information is that it can be copied. This means that at any given point in time, your organization can create a backup — essentially a detailed snapshot — of your network data. By then maintaining that data separate from the rest of your network, you’ll have a recent version of your data to fall back on in the event of a damaging cyber attack. Despite this, only about half (51%) of businesses keep a data backup, and only 36% of enterprises back up their business data completely. Be sure to regularly back up your entire network, so that no single breach has the capacity to completely obliterate the information your company depends on.
Many businesses outsource to third-party contractors, and that often means that those contractors need some level of access to the organization’s network. That said, if internal employees represent a major threat to your network security, then third-party users are at least as dangerous. Allowing third-party contractors network access increases the number of system access points, and in turn creates more potential entry locations for malicious attacks. If you work with contracted employees or agencies, never allow them more data access than is absolutely necessary. At the same time, carefully evaluate any contractors before you commit to working with them. If they are compliant with regulatory requirements, and if they follow effective security policies, they’ll be less likely to turn into a liability.
Network security best practices can help you create an effective plan of defense for your vital data, but if your users aren’t doing their part, then your network will always be vulnerable. This means that if you want to secure your data, you need to secure the users who access it. Train your employees on how to recognize and report specific threats, create strong passwords, and use and access data correctly. Your security best practices are only as good as those who follow them. Educate your employees on how to protect your network, and you’ll have another reliable line of defense between your data and the threats that could compromise it.
Prevention Is Always the Best Network Security Plan
By the time you discover that your organization has suffered a data breach, the damage will have already been done. This is why it’s so important to prepare ahead of time. After all, in terms of network security, an ounce of prevention is worth far more than a pound of cure.
This blog was brought to you by our partner, Gigamon. Gigamon is the company driving the convergence of networking and security. We help make more threats visible, deploy resources more efficiently and maximize the performance of your network and security tools. They are a valued sponsor of our annual Camp Secure Sense 2018 and will be presenting on Day 1 at 11:40 am.