hero_2.jpg
GS Staff

8-network-security-steps

Business IT support is increasingly becoming important, especially with the complex and ever changing security threat landscape.  Hackers and their ilk are no longer only targeting larger businesses; they are realizing that small and mid-sized businesses are an easier target.

 8 Tips to Tighten Network Security

1. Get a _real_ Firewall

Many small businesses are still using the $75 home router from the local big box store.  These boxes let you get on the Internet, but little else.  A true business class firewall adds several layers of protection in addition to allowing computers onto the Internet. 

2. Change your password    

Great, you have a firewall!  Have you changed the default password?  If not, intruders that have physical access to your site can get in and make changes.  Also, be sure to disable remote administration as it is enabled by default on some models. 

 

3. Update Router firmware

Firewall and router manufacturers release update code for their products called firmware upgrades.  These patches introduce security and bug fixes. Some off-the-shelf routers may ship with firmware that is 3-5 years old, so it is generally a good idea to update the firmware as soon as possible. 

4. Block Pings

Most routers respond to a “ping” request by default.  Pinging a ton of hosts is often the first step in a hacker’s plan to find easy targets.  If you are using a business class firewall, you want to “drop” the pings instead of blocking them.  This makes you system appear to be not connected to a hacker.

5. Scan Yourself

Using one of the free security test websites will help you identify open ports on your firewall.  Have you had a few different computer guys in your business network?  It might be a good idea to see what ports are open and if they need to be open.  For most small businesses, no ports should be open besides any VPN connections, 

8-tips-to-tighten-network-security-1

6. Block specific outbound traffic   

A true business class firewall with Intrusion Prevention services (IPS) will do much of the outbound blocking for you. If you have a basic model, it may still be beneficial to block certain ports, such as SMTP (email) traffic if your company uses an e-mail system that does not need it-, like Microsoft Exchange.

7. Use content filters

Content filtering allows you to block certain types of websites.  This helps employees keep from intentionally or unintentionally accessing sites that may contain suspect content. For example, most filters have a category for “hacking” which is usually good idea to block. 

8. Use VPN

If you have remote workers who need access to their desktops or the server, using a VPN is better than opening ports for these applications.  Typically, you want to use a business class firewall to host the VPN services on the edge of the network.  After a remote worker successfully authenticates, they will have similar access to the local network as they have in the office.  They can also securely use remote desktop across the VPN without opening their computer up to hacking attempts.

 

New Call-to-action  

For more information Get in touch with us: www.gravityusa.com

Follow Us