rvlsoft - Fotolia
Security response technologies are improving, thanks in part to innovations in areas such as machine learning and automation. However, cybercriminals are equally adept at exploiting technical advances for their own interests. This makes it crucial for enterprises to have all their bases covered with best practices to ensure they have the appropriate policies, methodologies and procedures in place to maintain a strong defense against threats.
To this end, most effective IT organizations adopt network security best practices to maximize the effectiveness of their security and protect their assets. The following are 10 essential best practices every organization should use to safeguard their enterprises today. Keep in mind these efforts must be ongoing in order to be successful. In addition, these practices should be regularly reviewed to measure their effectiveness and, when necessary, adjusted if circumstances change.
1. Audit the network and check security controls. Knowledge is essential in maintaining a secure environment. To have an accurate perspective on the security posture of a given enterprise, the IT organization needs to run an audit of the network. By auditing, IT professionals can accomplish the following:
- identify potential vulnerabilities that need to be corrected;
- find unused or unnecessary applications running in the background that can be eliminated;
- determine the strength of the firewall and currency of its setting;
- measure the state of the networked servers, gear, software and applications;
- confirm the overall efficacy of the security infrastructure; and
- judge the status of server backups.
An audit shouldn't be a one-off event but, rather, an activity that is consistently conducted over time.
2. Revisit and communicate security policies. Having a pragmatic and valid security policy is essential to ensure a strong security posture. Too often, organizations fail to review policies to make sure they address current business operational requirements and security conditions. And, unfortunately, too often, enterprises fail to communicate these policies to both IT staff and, when applicable, end users. Organizations like the SANS Institute publish reference documents that IT pros can use as they reexamine and update policies, such as having a formal directive on instituting and executing changes.
3. Back up data and institute a recovery plan. Unfortunately, enterprises are operating in a threat environment where the question isn't if but when their environments are going to be breached. Facing this reality means it is critical to back up both operationally important and highly sensitive data. As ransomware attacks become more threatening -- affecting organizations across industries -- it is equally important to have within your network security best practices a recover strategy that minimizes downtime and limits costs.
4. Encrypt critical data. Data encryption is another vital element in protecting an organization's most valuable and sensitive information. IT organizations need to periodically assess data classifications and employ encryption where appropriate. VPNs can provide another layer of protection for employees who may have to access sensitive files from remote locations.
5. Update antimalware software. Out-of-date antivirus or antimalware software is one of the most common gaps in enterprise security. It is also one of the easiest to address. Security professionals should do periodic checks on their antimalware software, ensuring all devices are running the most up-to-date security software. IT should also automate its patch management whenever possible.
6. Set appropriate access controls and employ multifactor authentication. Effective access management starts with having the correct policies in place to dictate which users and devices have the right of entry to which resources. Employing access management systems and privileged access to control who can retrieve information is essential. Effective password management is also part of network security best practices. Passwords need to be at least 10 characters in length and changed frequently. Password management systems can help simplify this process. Multifactor authentication is another important tool, validating that only the proper user has access to the proper resource.
7. Establish and communicate a security governance structure. Compliance doesn't necessarily equate to security, but it can provide important guidance on how to safeguard against risks. Regulatory bodies, such as the International Organization for Standardization and the Payment Card Industry Security Standards Council, outline the importance of establishing an organization that specifies who is responsible for managing security and responding to cybersecurity events. IT organizations need to define the respective responsibilities individuals have in managing risks and reacting to incidents. Performing periodic risk assessments can help organizations prioritize vulnerability remediation and minimize downtime.
8. Educate end users. In an era when phishing attacks are a preferred methodology of many cyberattackers, raising end-user awareness is critical. In a 2017 survey of corporate employees conducted by Dell, more than 75% admitted they would willingly share confidential data under certain circumstances. End users have a propensity to fall prey to certain types of attacks that mimic normal communications. And, as cybercriminals become more adept at using email and other form factors to closely mirror professional interactions, the likelihood of a staff member succumbing to the threat increases. To keep employees informed about the evolving threat environment and associated corporate security policies, end-user education should be an ongoing process that is an intrinsic part of a company's culture.
9. Have a maintenance system for security infrastructure. IT organizations should approach security as a continuous effort that requires ongoing checks to make sure all systems and controls are working properly. As a result, businesses must have procedures in place to ensure their infrastructure is up to date and in good operating order. Security systems must be monitored and adjusted when incidents occur. Finally, IT organizations should adopt mechanisms that approve and communicate changes in security policies and practices.
10. Stay informed. One overarching requirement to establish network security best practices is to treat the discipline as an ongoing effort. This extends to staying on top of the changes in the threat environment. That means security staffers and IT pros need to understand how cyberattackers are adjusting their methods. They must also keep up to date about advances in threat identification and mitigation. The goal should be to apply learnings from past incidents to limit negative effects from future events.