Print Divider Print Divider Branding

DIY Data Security: Six Tips for Computer Network Defense

02/07/2018  |  By: Jason Riddle, CISSP, President, Information Security


Social Logo Social Logo Social Logo Social Logo

Business owners MUST have a computer network defense strategy in place. This is a critical task to protect your network. To develop a security program plan, you can outsource this task or keep it in-house. If your company has adopted a do-it-yourself approach to defending your network, make sure you consider the following things.

  • How many servers and workstations do you have?
    • Do you feel confident in adequately monitoring the network?
  • Have you had a risk assessment done to evaluate the financial impact of a breach?
  • Do you have a firewall and anti-virus software in place? A common misconception is this is all you need, but there are many other things to consider.

To some degree, there is validity in developing your own network defense solution. Many small companies are able to put tools, procedures and training in place to develop their security program plan and implement them to protect their networks. However, if you are a larger company that has compliance responsibilities, this approach likely won't work well.

Firewalls and anti-virus software are important pieces of the data security puzzle. If your company has it covered in-house, here are some additional measures we suggest to make sure the tools you have are working.

Six Ways to Increase DIY Data Security

6 ways to increase DIY data security that you might not have thought of:

1. Keep your servers under lock & key.

Firewalls are helpful in blocking malevolent Internet traffic, but they can’t help you with pedestrian traffic. An angry or unbalanced employee can do serious damage to an unattended system.

2. Use your logs.

Firewall, server, and intrusion detection system logs collect and store a ton of information. In most organizations, this data is rarely seen by human eyes. Make it a point to look at it. You can use free utilities to automatically search logs for events that need to be reviewed by your security team. Watch for anomalies—weird attempts to log into the system, high activity at an odd time of day or multiple pings from a far away geographic location that shouldn’t be so interested in you. If your webserver’s log file is normally 2MB and on Tuesday it was 250MB, you might want to take a look at that.

3. Educate your employees.

Educate them on common attack methods, like phishing. Make sure they know how to report things that… just don’t look right. Tell them not to click on strange links and to lock their keyboards when they walk away from their desks. And be sure to instruct them to think before revealing any kind of information to someone who asks for it.

4. Take another look at your anti-virus software.

Hackers get smarter every day. You need to stay one step ahead of them. Most anti-virus software packages these days have morphed into full blown endpoint protection systems. If you haven’t taken a look at your software’s feature set lately, now is the time. You’ll likely be surprised at what else it can do besides blocking common malware.

5. Attack your company.

Think like a hacker and try to break in to your network. There’s no better way to find gaps in your data security system than a simulated network intrusion. Run vulnerability scanners (like Nessus) against your own systems. And even consider launching a mock phishing attack against your own employees to see who bites—and to raise awareness.

6. Consider encryption.

Encryption is a great tool to keep your data secure and to help you meet regulatory requirements. Encryption can help protect your data whether you are on the Internet, performing a backup or walking down the street with your laptop in your backpack. Most of the earlier barriers to deploying encryption, like cost and performance issues, have been solved with today’s more powerful and affordable solutions. One great and easy-to-implement tool is Microsoft’s BitLocker disk encryption. It can be used to encrypt all of your company’s workstations, and you probably already own it! These are just some of the ways to increase your data security without adding a huge line item to your budget. Too many companies put their data security controls in place and then forget about them.

Taking a proactive stance will greatly increase your protection. Another way to think about improving your network security is to hire a cyber security firm to conduct a review of your system for you. This would involve bringing a cyber security professional in to assess your current data security controls, recommend fixes and train your IT personnel how to carry on after the review is done. There is no one-size-fits-all. Every step you take will bring you closer to keeping your network up and lessening your threat of experiencing a serious breach.

On LinkedIn or Twitter? Follow us on LinkedIn and on Twitter at @lbmcsecurity. Learn more about protecting your network from hackers by downloading our guide, Breachbelow.