Mexico. Networks are becoming more and more essential to daily life, so Comstor, Westcon Group's business unit and main wholesaler of Cisco equipment, presents us with the manual of good and bad practices to guarantee the security of the corporate network.
Attacks and intrusions across public and private networks are becoming more frequent, and can cause costly interruptions of critical services, loss of work, information, and money.
When talking about IT security, Comstor recommends not running away from the basic rules. With so many evolutions and new technologies on the market, hackers can take advantage of the simplest and most obvious breaches to invade systems if the step-by-step is not done correctly.
To ensure the security of your corporate network, you should make sure to do the following:
1. Update: Devices need to be constantly updated. And that's why you need to make sure they're getting the secure system updates. One tip is to have the guarantee that the connectivity of those devices is secure and that it always offers two-factor authentication.
2. Liability Contract: As it is technology, it is important to make sure about the contract for the provision of services, which defines the responsibilities of the provider. In the event of any violation of the contracted and contracting service, they must be on par with their rights and duties. The advice is to know how the collected data is being protected, both virtually and physically.
3. Cryptography and Passwords: With cryptography and access passwords, all information will be read only by the interested party. The measures must be adopted in agreement with each company, remembering that, although with that security protection, some unforeseen events can happen. One tip is to leave administrative control of passwords and operational systems shared with someone extremely trusted.
4. Vendor Security: IT professionals need to be vigilant when it comes to security and contracted infrastructure. The advice is to make sure of the manufacturers' supplement chain processes to prevent the introduction of malicious code.
5. Information: Stay informed, search the market for the most consistent types of attacks and how specialists are preventing those invasions. Study cases of companies that had to act with invasions and see what were the decisions they made to face the situation. Information on new weapons to combat invaders must be updated.
6. Standardization: When the issue is security in the corporate network, it is necessary that there is a standardization of the infrastructure to prevent the network from becoming extremely complex to the point of hindering its monitoring and management.
7. Have control over alterations: From a defined process, it is possible to restrict alterations, monitor those that are not authorized and know when the alterations do not follow the process and how to act in that scenario.
Don't do!
The integrity of a company's information, as well as its corporate network, must be taken care of by avoiding:
1. Use ultra-advanced technology: It will be a waste for the company to acquire any type of device that is with the days numbered. Even if it is a specific network problem, look for updated solutions or other possibilities that can give an upgrade in the system.
2. Ignore BYOD: In any company today, anywhere in the world, the end user always has a smartphone, tablet or laptop that they use during work hours. Although the company does not support the initiative, there needs to be protection on the network against those devices. In times of need, the end user will find a way to use their own device to remotely access information.
3. Forget about taking inventory. It is necessary to know exactly what are the equipment that are in your network, their useful life, with how much longer it is possible to have their services, their updates. From this information it is possible to foresee new purchases and alterations that must be made in the network and in what term.
Leave your comment