Securing the Perimeter of Your Network
Anything outside your internal company network is considered the “edge” or “perimeter” of your network. The first line of defense in securing your network, is the main point of entry from the Internet or other external networks. We can install and maintain firewall devices that will enforce the access policies and services allowed to authorized users. Along with the firewall, an Intrusion Prevention System (IPS) will help to detect malware such as computer worms and will monitor network traffic for suspicious events, such as Denial of Service (DoS) attacks. And to further protect the network, a perimeter anti-virus and email scanning device is recommended. For most small businesses, we recommend one device that can handle all of the firewall, IPS, anti-virus, and email scanning duties. This helps to simplify installation and ongoing support, not to mention, it is a better value for our clients.
Securing Your Internal Company Network
The second line of defense is inside your own internal network. This means securing the company servers and desktop workstations. The company server needs to be monitored and updated with the latest software updates to ensure it is secured against new threats. The company server is also responsible to correctly authenticate the network users and provide access to specific company resources, so it is important to ensure those policies are monitored and updated regularly. Once your company server is secure, the most likely target of a potential threat are your desktop workstations. The desktop computers should be secured by keeping the operating system up to date and running local anti-virus and anti-spyware software applications. Even if a computer is offline, it can still cause issues on your company LAN if an employee unwittingly uses a compromised USB drive or other media on their computer. A combination of monitoring and training is usually the best course of action to make sure your employees are abiding by your company policies.