Winning Online

By Will Gayeski, Network Engineer - WSITS

Common sense tells us that when you have something of value you make sure you do everything in your power to protect it. Personally, I consider an organizations data to be one, if not the most, valuable of assets. Often we find small businesses are unaware of how exposed their data is, and the modest cost required to implement a solid first line of defense. In times like these, it pays to be proactive to ensure your data is safe and nothing unexpected is going to happen to it.

New threats to your network are ubiquitous and are becoming increasing more complex every day. Companies need to break away from the status quo and recognize that corporate antivirus programs alone do not provide adequate levels of defense. Firewalls are a must for any network, and have evolved over time to perform multiple security functions previously only available in very expensive and high end devices. Today’s new devices include IDS (Intrusion Detection Systems), Built-in Antivirus, Web filtering, Anti-Spam, and the protection against the unauthorized use of the file sharing and instant messenger. These new devices will help you keep your network running the way it should and ensure that nobody is doing anything intentionally or unintentionally that will prevent it from doing so.

Our experience has shown that few companies are taking advantage of the integrated security features available in today’s firewalls and of those who have are suffering from improper implementation or lack of maintenance. Updating and maintaining your firewall is almost as important as having one. In order to be effective, firewalls need to be properly maintained in order to ensure they are working to their full potential.

Most businesses are unaware that a firewall with built in IDS (intrusion detection system) can provide the critical first layer of defense their data needs.  On some of these new models the IDS updates automatically on a daily basis which will tell you how often new attacks are coming out.  A good IDS and can protect your network from attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).  Not only can they prevent external attacks, but the right IDS can tell you what devices on the internal network are infected, and what they are infected with. 

The first thing to do if you think your company is vulnerable is to take the time to schedule a quick and simple audit of your network security. The goal of the audit should be to come up with a network security plan. Generally speaking, when you implement a plan of action, things have a tendency to go much more efficiently and this holds true for your network as well. A network security plan will help you figure out where you need to start, and what will be the first line of defense against intrusion. Taking the time to review your network can make a world of difference and prevent a plethora of problems.