Network security – Simple ways to lock down your network

lock up your secure information

Lock It Up!

Network devices provide PCs, Smartphones, printers and other devices a connection to information on servers and a connection to the internet.  Any access point that you add to the network is now a touch point that must be managed.  These devices are not “set it and forget it” technologies and need to be updated, swapped and managed.  Here are some ways to ensure your network is not being accessed maliciously:

  • Default passwords – any time you put in equipment, whether it is a router, WiFi, copier or switch, the default passwords need to be changed.  All of these units are preconfigured with a default admin username and password that is available on the internet.  If you don’t change these credentials, anyone can log into these devices and give access or steal files from hard drives.
  • Vulnerability Appliance – It’s important to be notified when a device is connecting to your network.  There are many software companies that can put an appliance on your network for a monthly fee and scan for any new devices or vulnerabilities.  If a new device gains access, an email is sent to an admin as a “heads up.”
  • Firmware Updates – these are Windows Updates for equipment released by the manufacturer to increase performance and to patch security holes.  A check should happen at least once a year.
  • Ensure Wireless networks are using WPA2 Security Protocol with AES encryption.
  • Firewall Lockdown – the firewall is the router that sits between your network and the internet (connected to your ISP).  Here are some critical lockdowns that must be done:
    • Change default username/password.
    • Turn on brute force attack handling to limit the number of connection attempts at a time.
    • Close Ports!  Think of your firewall as a brick wall.  A port is a brick that makes up the wall.  Applications run on specific posts, and in order for them to communicate with the internet, ports need to be open.  If you must open a port (for email or other communication), ensure you only allow traffic from a specific IP address.  For example, if you have a second office that needs access to a program at the main office, setup the port to only allow traffic from the second office’s IP address.
    • Update firmware and do yearly penetration testing.
Posted on October 26, 2017. Categorized as .

Related Insights

Copeland News Alert: The NYS Shield Act 2020

February 24, 2020

Is your company SHIELD ready? New York State is getting serious about cybersecurity. Their most recent action that was signed into law on July 25, 2019, is the New York State Stop… Read more

Why Should I Use a Password Manager?

March 11, 2019

We repeatedly stress the importance of strong passwords that are unique to every website, but with dozens (or hundreds) of complex passwords it becomes challenging to remember them. This is where a… Read more

How to Develop A Cybersecurity Plan For Your Company [checklist included]

July 17, 2018

Cybersecurity is for every company. Cybersecurity isn’t reserved for major corporations that collect huge sets of credit data and personal information.  Every company that relies on the internet must be aware of… Read more

Request More Info

Get in touch and determine where managed IT services fits with your business.
Request More Info Mini

Stay Up to Date

Get valuable technology and security insights sent directly to your inbox.
Mailing List Sign Up