Network Security Top Tips

Network Security Top Tips by PW Comms UK Ltd

IT security can be a complicated subject and is usually carried out by IT professionals. However, it’s important for a wider user group to understand the fundamentals to ensure the network remains secure. This white paper has been written to provide you with the fundamentals of network security, in a easy to understand language. Following these top tips won’t be a complete security solution but will give you and your network users a firm base of understanding to help you stay secure.

Write a security policy

A security policy is a written set of rules that a user has to abide by to keep the network secure. This should be written by the IT manager or administrator who understands the current security threats and issues that can affect the network. Once the policy has been written, it needs to be agreed by all users and supported by IT staff that will make regular updates to keep a control over new threats.

Operating systems and software

It’s important to keep all systems and software applications up to date with the latest versions. In most cases it may be a software update or at most a new hardware install. Running older versions gives time to attackers to find doorways into your network, but if you keep your systems updated then it makes it much more difficult as coding can change as new versions are developed. Remember that some updates will not be applied until the system is rebooted. You must restart a session after an update to ensure the new versions have been installed, before you continue. Pay particular attention to the updates of the following programs because they are frequently targeted: IIS, Outlook, web browsers, Adobe Acrobat, database servers, media players, and Sendmail.

Get to know your network

Develop a list of default software applications and any others you may have installed. Regular maintenance checks and cross referencing to your program list can help identify any rouge packages that may have found their way onto the network. Be careful not to delete any packages that look unfamiliar until you are sure they pose a threat. Deleting program files that support your network and applications can have drastic consequences.

Passwords
Using passwords is a great way to protect who can access your network. However, poor passwords or even blank entries are still common. If you’re still using the factory default passwords then it only takes a hacker to buy the same kit and replicate the password. Passwords and usernames with less than 8 characters can be cracked in minutes using any number of publicly available password crackers. Passwords should be in upper and lower case and at least 12 characters long. They should be made up of a variety of characters and include no dictionary words or names. Never share passwords or keep them stored in an easily accessible place. System administrators should periodically run password cracks to identify weak passwords and update where necessary. They should use stand alone non network machines to run the tests to ensure results will not be found by anyone who has access to the system.

Do not run unknown programs
The majority of software applications will run without a security check if permission has been given from the person executing the file. Never run a program unless you are sure of its intent and purpose. Spoofing e-mail messages is one of the most common delivery methods of viruses. Do not open e-mail attachments unless you trust the source and its content to be safe. Always run email security software to reduce risk, and be cautious with your email address. Where possible, set your email client to open emails in plain text. This strips away any HTML coding to avoid script attacks from simple previews of messages.

Least Privilege Policy

Least privilege policy is where user access is granted based upon the level of access required. Users should only be given the levels of access that requires them to do their job. Security attacks will run as deep as the level of access that’s given to the unsuspecting user. The more privileges the user has the more damage an attack can do.

Network Printers

Network printers contain built-in FTP, WEB and Telnet services as part of their operating system. These printers can be exploited and often overlooked by IT administrators as a security threat. They can be exploited as FTP bound servers, jump platforms or via web management services. Make sure all default passwords are changed and if possible, block printer ports at the boundary firewall.

Network Communication

Network communication programs such as telnet, FTP and “r commands” can transmit usernames and passwords across the network making them vulnerable for capture. Some IT administrators believe that trusting a user to gain remote access without supplying a password via rlogin and rsh, eliminates the risk of passwords being stolen. Although this makes it more difficult for attackers to access the network from a remote location, if they gain control over any machine in the trusted non password network, they will gain access to all other devices trusted to that machine. Remember, if remote access is no longer needed to any of these machines, they must be disabled to keep the network secure.

We cannot guarantee that if you follow these tips your system will not come under attack. IT technology is alive and will evolve with time. You have to keep updating and renewing your security policies, systems and applications in order to stay safe from attacks.

If you have any other questions about network security or updating any of your current systems please call one of our advisors on 01925 751836, or email info@pwcomms.co.uk.