The administrator often acts as the security officer of the network. It is your responsibility to investigate and resolve unsuccessful login attempts, intruder detection lockouts, compromised passwords, viruses, spam and security policies.
This checklist was created by Doug Chick.
Perform a security audit
- Use outside vendors to conduct an audit. This will ensure that there is no favoritism or politics in the results, and provide credibility with senior management. Ensure the vendor or contractor you use covers the items listed below as a minimum. Find out who will be conducting the audit, and review their resume and references from past audited companies. Ensure the goals of the audit are adhered to.
- Assess physical security: Video monitoring, data and portable media handling, paper shredding methods and policies, physical layout and location of the data center, security of LAN closets, cleaning crew access, key and access controls, and logging. Challenge the procedures.
- Assess network security: Proper segmentation of LAN and WAN, proper passwords, limited use of protocols (only those necessary are installed), IDS systems within the organization, firewalls, redundancy and failover or clustering of servers, routers and switches, restricted use of dial-up anywhere in your organization, including prohibition of telnet or other unnecessary protocols.
- Application security: Encryption; default accounts renamed, deleted or given changed passwords; all software and Web/email servers hardened, patched, updated and secured.
- Policy and procedures: Acceptable use policies, security incident handling procedures, incident escalations, remote access policy, firewall management policy, disaster recovery policy. Security awareness training for all employees is a never-ending process.
You have firewalls and antivirus software. You implement security patches regularly, and even have IDS. You may think you're doing all you can to protect your network, but think again. Security dangers you're not even aware of can be lurking in every corner of your network. This tip by Dave Piscitello offers 10 foolproof initiatives to boost your network security.
A well-designed security policy is a powerful tool in your network security arsenal. Using built-in tools found in Windows XP, you can create and enforce your own custom security policy for all of the systems in your network. In this tip Chris Cox shows you how to create and enforce your own custom security policy.
More resources for creating and enforcing security policies:
Network security tools