Securing your network
By Lionel Maclou
Modern business operation is impossible without a network where data is kept and shared among employees. Keeping that network secure is ‘business 101’ for any company – yet network security breaches are costing companies big and small millions every year. According to IBM, the average cost is $3.35 million per data breach (an increase of 9.8% year on year) with Australia ranked 13th out of 18 countries sorted by total data breach cost.
As we head into the new year, it’s a good time to revisit the simple steps that make your company network less vulnerable to attack and data theft.
Use a VPN
A VPN (virtual private network) encrypts internet connections and data transferred via your network. Most VPN services also have a built-in feature that will disconnect hardware from your network when a protected connection is lost, keeping you safe from unexpected data leaks. A VPN also provides security to employees when they are working remotely or travelling.
WPA2 is a type of encryption used to secure most Wi-Fi networks. A WPA2 network provides unique encryption keys for each wireless client that connects to it. Use a reliable, encrypted protocol for passwords on the router for your business network. The most advanced is WPA (Wi-Fi Protected Access).
Disable or restrict DHCP
DHCP (Dynamic Host Configuration Protocols) defines what IP addresses the devices on your network will have. It makes it easier to maintain a Wi-Fi network. For greater security, limit the number of IPs assigned by DHCP or disable the feature entirely (meaning you’d need to assign an IP address manually for each device connected to your Wi-Fi).
Always update router firmware
Outdated router firmware can make you more vulnerable to attack. Firmware should be updated at least annually to fix all existing bugs.
Use IPS or IDS
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are effective ways to detect and prevent threats. IDS is used to detect any attackers such as malware or worms; IPS actively prevents the negative impact of the detected attackers.
Change the name of your company network
Don’t use the original name of your network as it usually contains the model of your router. This information can be used by hackers to understand how to breach your network.
Advanced endpoint detection
Advanced endpoint detection and response is new technology that uses AI to watch for indications of compromise and react accordingly. The technology collects and analyzes information from network devices, endpoint logs and threat intelligence feeds, identifying security incidents, policy violations, fraudulent activity and other threats. More advanced than anti-virus software, endpoint detection and response is becoming part of a modern, layered, proactive approach to cybersecurity.
For small to medium sized companies that don’t have a full-time IT team, network security can be challenging – but the costs of not tackling security seriously can be prohibitive. get the support you need to ensure your network stays safe in 2022.