Seven resolutions for computer network security

Dec 22, 2006 11:20 AM

As New Year's Eve approaches in a hacker-prone era rife with data theft, historically high levels of SPAM, and increasingly innovative computer fraud, IT security managers should resolve to combat these attacks in 2007.
"It doesn't take very long at all to enhance the security of a computer or its network," says Andrew Greenawalt, founder of Perimeter eSecurity, Milford, Conn. "Whether you have a small business network or a vast business enterprise, these seven steps are imperatives to optimize your eSecurity as the New Year approaches."

1. Change every password you can find before New Year's Eve: every online commerce site visited, every computer, and any other password-protected device or Website will be security enhanced with this simple, time efficient move. Avoid easily discovered passwords such as names or numeric series such as 98765. Resolve to change your passwords at least quarterly in 2007.

2. Download patches and updates: Even the least expensive computer security programs offer downloadable updates or "patches" that can detect the latest viruses, close "backdoors" that hackers have discovered, or otherwise enhance network protection. Operating systems should be patched and upgraded at year-end, and regularly as well.

3. Hire a Hacker: Network owners should use the holiday lull to conduct a "penetration test," as it's called in the industry, to identify weaknesses in the network's security. Also known as a "vulnerability scan," these tests attack a network just as a hacker would. Instead of attacking databases and network tools, these scans report back on specific vulnerabilities and recommend ways to solve the problems they identify.

4. Conduct Regular eSecurity Check-ups: Keep your network safe by scheduling ongoing risk assessments. These automated, monthly remote risk assessments can be conducted for less than the cost of a single onsite review and can help assure that confidential customer and financial data are as secure as possible from external attack.

5. Communicate and Review Your Data Security Policy: Write a memo to all staff members stressing the importance of protecting such critical, confidential customer data as social security, bank account or credit card numbers. State an explicit policy on how and when, if ever, these should be included in unsecured email correspondence with customers and others. Consider implementation of a simple encrypted email system as a giant security step forward for 2007.

6. Keep Your Network Virus Free: There's nothing worse than starting the New Year with a network infection. With the increasing amount of entry points for viruses to penetrate your network (e-mail attachments, shared files, infected Websites, downloads, etc.), a full evaluation of your network is critical to ensure that safeguards are in place to protect all these entry points and minimize infection. Unfortunately, simply installing AV software is not enough -- the AV system still needs to be monitored to ensure that the most recent definition files are updated on all devices and you are alerted when a device is not "up-to-date."

7. Consider "giving up" on do-it-yourself security: Just as few business people attempt do-it-yourself insurance or computer repair, fewer still are able to keep up with the increasingly complex, fast changing demands of computer network security. The New Year is a good time to consider "outsourcing" network security.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue