The importance of secure network infrastructure
This entry was posted on August 31, 2017.
Your IT infrastructure is the backbone of your business. All hardware and software needs to work and function in order for your organisation to perform to the very best of its capabilities. But, one of the biggest threats to your network infrastructure and your business is security. You need to keep your network secure to avoid situations like the recent WannaCry cyber attack.
Keeping your network secure is a task that never ends.There are numerous things to consider when it comes to network security and we’ll look at the three of the most important things in this blog post.
Keep your software up to date; or you’ll WannaCry
WannaCry was one of the biggest cyber attacks in history that compromised networks all over the world. One of the biggest victims in the UK was the NHS, which was crippled by the scale of the attack. WannaCry is a encryption-based ransomware that infects and locks a computer system demanding payment of $300 of bitcoins to save your files from being deleted.
The NHS and other businesses across the world could have avoided the WannaCry hacking scandal by keeping their software up to date. A freedom of information request sent to 63 NHS trusts in December 2016, revealed that 90% of them still run on the defunct Windows XP operating system. Microsoft discontinued Windows XP support in April 2014. While it is true, the UK government did have an exclusive agreement with Microsoft to continue developing support for Windows XP, the government took a decision to not renew this contract in 2015.
So the message is simple - spend time to keep all of your software up to date. Installing automatic updates can be a pain and really annoying - but it’s well worth the hassle in the long run!
Keep your eye on BYOD
Bring your own Device (BYOD) is a relatively new idea to the working world and it has many benefits for businesses and employees alike. The principle is simple, you bring your own laptop, tablet or mobile phone and use it for work. With technology advancing at a rapid pace, BYOD leverages your employees’ natural inclination to keep up with the latest advances in technology. It’ll also save your business the cost of purchasing brand new IT equipment. It also allows your employees to use a device they feel comfortable using.
But BYOD isn’t without it’s pitfalls. You’ll need to think about the implications of allowing your business data to be accessed on personal devices. You’ll have very little control over the device and what the device accesses. What happens if the device is lost, stolen or infected with some sort of virus or malware? You could end up with a device that has a backdoor to your entire network.
The best thing to do is set up a BYOD policy. There are some fantastic resources available on the web, but one of the key takeaways from all of this is that you need to have some sort of security policy in place on devices. For instance, you can have software that can remotely wipe a fine in the event it goes missing. The biggest risk is not having any sort of BYOD policy in place at all.
Addressing social engineering
Social engineering is one of the biggest threats to your the integrity of your network. In fact, according to research by Agari, 60% of enterprise businesses fell victim to social engineering scams in 2016. 65% of those who were attacked say confidential employee information was compromised during the breach.
Social Engineering is the practice of manipulating people to surrender confidential information. The types of information criminals try to obtain from you can vary, but generally speaking it’s confidential details such as passwords, bank account details or information that is critical to your business. Perpetrators of social engineering are ingenious with their methods. Attacks can come in the guise of emails, that imitate trusted contacts. They can also prompt you to download a particular file, taking advantage of your curiosity. Or some attacks can take the form of a story where you’re being asked to help somebody in another country or financially.
There is no ‘off switch’ for social engineering, you cannot indefinitely protect yourself from this kind of attack. But you can invest in security awareness training for yourself and your staff, that’ll help you spot threats better.
We hope these tips helped you consider what you can do to keep your network secure. Is there something else you’d like to suggest? Or maybe something we haven’t mentioned?
King of Servers is always happy to help. Leave a comment at the bottom of this post, or get in contact with us on 0330 124 1245.