Physical Security- Where you set up your network and how you physically protect it is one of the first areas to think about.
- Set up your system on a sturdy and stable surface as close to the ground as possible.
- Be sure your system is safe from excessive sunlight, dust, water, and fluctuating temperatures.
- Set up system in a room with a lock and possibly an alarm system.
- Protect or disable the power and reset switches.
Network Security- The overall security of your network and setting up restrictions is another very important step to take.
- Set up regular security updates about vulnerabilities to the software on your network.
- Test all services that interact with the network to ensure that they do not provide useful security information to unauthorized users.
- Limit users access to sensitive information on the system.
- Keep logs of all approved network activity.
- Encrypt Data
- Check for unauthorized attempts to connect to your system.
- Set up a monitoring service to check for unauthorized network activity.
User Security- Setting up specific standards and rules for each user is critical to avoid one user from messing up the system.
- Create a standard for creating and maintaining user accounts and share this with users.
- Limit ways in which a user can connect to the system.
- Keep accurate logs of each individual users activity, specifically connection duration, time and location.
- Check for irregular user activity such as failed attempts to gain access to files they shouldn’t be accessing.
Data Storage and Security- Protecting your important data, and ensuring that backups are performing properly are important in network security.
- Only make data that pertains to an employees specific role available to them.
- If you have file systems available with a network sharing tool, examine the security of this tool.
- Maintain a standard backup of your system and protect this data. The most common way to backup is tape, however there are safer solutions available.
- If you use a database, make sure the database is accessible only to authorized users.
Passwords- Setting up a complex password is one of the easiest security measures, however it is also one of the most overlooked steps.
- Require unique passwords that contain at least 6 characters as well as a combination of numbers and letters, both uppercase and lowercase.
- Setup a password rotation and expiration. You should never keep a password longer than a few months, especially your system password.
- Do not write down passwords, store them, or send via email, keep them in memory alone. Communicate this to everyone.
System Administration- Setting up your system properly is important, but you cannot leave it at that. You have to regularly update and monitor your system to ensure everything is okay.
- Regularly browse your system, looking for vulnerabilities.
- From time to time try to break into your own network.
- Think of groups that may have a reason to break into your network, and protect your company against them.
- Keep all users up to date on techniques and security expectations of them.