Network security – Simple ways to lock down your network

lock up your secure information

Lock It Up!

Network devices provide PCs, Smartphones, printers and other devices a connection to information on servers and a connection to the internet.  Any access point that you add to the network is now a touch point that must be managed.  These devices are not “set it and forget it” technologies and need to be updated, swapped and managed.  Here are some ways to ensure your network is not being accessed maliciously:

  • Default passwords – any time you put in equipment, whether it is a router, WiFi, copier or switch, the default passwords need to be changed.  All of these units are preconfigured with a default admin username and password that is available on the internet.  If you don’t change these credentials, anyone can log into these devices and give access or steal files from hard drives.
  • Vulnerability Appliance – It’s important to be notified when a device is connecting to your network.  There are many software companies that can put an appliance on your network for a monthly fee and scan for any new devices or vulnerabilities.  If a new device gains access, an email is sent to an admin as a “heads up.”
  • Firmware Updates – these are Windows Updates for equipment released by the manufacturer to increase performance and to patch security holes.  A check should happen at least once a year.
  • Ensure Wireless networks are using WPA2 Security Protocol with AES encryption.
  • Firewall Lockdown – the firewall is the router that sits between your network and the internet (connected to your ISP).  Here are some critical lockdowns that must be done:
    • Change default username/password.
    • Turn on brute force attack handling to limit the number of connection attempts at a time.
    • Close Ports!  Think of your firewall as a brick wall.  A port is a brick that makes up the wall.  Applications run on specific posts, and in order for them to communicate with the internet, ports need to be open.  If you must open a port (for email or other communication), ensure you only allow traffic from a specific IP address.  For example, if you have a second office that needs access to a program at the main office, setup the port to only allow traffic from the second office’s IP address.
    • Update firmware and do yearly penetration testing.
Posted on October 26, 2017. Categorized as .

Related Insights

How to Develop A Cybersecurity Plan For Your Company [checklist included]

July 17, 2018

Cybersecurity is for every company. Cybersecurity isn’t reserved for major corporations that collect huge sets of credit data and personal information.  Every company that relies on the internet must be aware of… Read more

How To Spot a Phishing Email [2019 Update]

April 2, 2018

[Updated January 21, 2019] 2019 will be an even more eventful year for cyber attacks.  It’s too late now to think that only major corporations or government institutions have a need for… Read more

How To Close Up Vulnerabilities In Your Company’s Network

January 30, 2018

There are many ways that a hacker can enter a network and there are new entry points showing up constantly.  Typically, a hacker exploits a vulnerability, the vulnerability is reported and then… Read more

Request More Info

Get in touch and determine where managed IT services fits with your business.
Request More Info Mini

Stay Up to Date

Get valuable technology and security insights sent directly to your inbox.
Mailing List Sign Up