We know you’ve probably heard (and possibly ignored) a lot of messages on cyber security. But there’s a reason why you see these notices so often: it matters. If your network gets compromised, customers will start to doubt your reputation and trustworthiness.
A little while ago, we put out a blog offering 6 ways to stop common network security threats and promised to share more tips later. In this post, we’re delivering on that commitment. You’ll find another 6 bits of advice below. Hackers are relentless, and are always coming up with new ways to infiltrate your network. So you should have several precautions handy.
1. WiFi Reviews
In every WiFi network, there’s a small patch that falls just outside of your perimeter controls. This little bit of terrain is susceptible to security glitches. By keeping an eye on your infrastructure with regular WiFi reviews, you can quash even the craftiest of bugs.
Some WiFi networks are so advanced, they can expand your visibility of where wireless attacks are coming from. From time to time, employees may join other networks. You should monitor this activity too.
2. Web Application Firewalling
Web apps usually have a small number of network ports - around 80 to 450 - and have to be accessible to many. Regular firewalls can be hopeless at protecting information stored in or sent via these apps. Web app firewalls (WAPs), on the other hand, can provide authority over input types and access to delicate areas, such as admin interfaces.
You may want to set your WAP so it’s your first line of defence against any DoS and DDoS attacks. But remember: you’ll need more than a DNS redirect to stop hackers from breaking into your apps.
3. Penetration Testing
Unlike vulnerability scanning, which detects threats to your network, penetration testing uncovers how an attacker will breach it. In essence, it presents a hacker’s point of view of your system.
To become an expert in this testing, keep your scope small to begin with and enlarge it as your security infrastructure grows. Testing once a year is normal for most companies, but those who’re more security-conscious will test more often.
4. Red Team Exercises
Red team exercises are like shorter-term penetration tests, which you can use to tighten up your network’s security during frequent testing. They can outline the steps of a breach and can even be carried out as micro penetration tests that monitor your environment while it’s being attacked.
It’s best to have an internal team carry out these exercises. After all, they know your network better than anyone. You may also want to integrate red team exercises into your penetration testing.
5. Identity and Access Management
Got a feeling that somebody’s watching you? Or that somebody’s gone somewhere they shouldn’t? Identity and access management can put your suspicions to rest. It’ll stop unwanted guests from entering your network, and prevent good-intentioned employees from opening the wrong doors.
If you suspect there’s anyone out there who means to harm you, you should restrict their access as quickly as possible. Any dormant accounts in your system should be deleted after a fixed period. 90 days is common for many businesses.
6. Centralised Monitoring
For maximum security and reassurance, all systems should be linked up to a central server. This way, all activities within your network can be recorded. Security and Event Information (SIEM) technologies can then be used to spot any threats from the central server.
Be sure to link absolutely everything to the server, including your networks and endpoints. And set it up to spot and alert you of any unusual activity.
Never Stop Learning
We may have reached the end of our two-part series, but that doesn’t mean attackers have called it quits. All the techniques here and in our last blog can help you to stay safer, so be sure to practice them regularly.
There are more tips like this in our Quick Guide to Cyber Security. It doesn't take long to read, and you can easily apply our advice to your business right away.