If there is more than one computer used by a business chances are that they are networked to make sharing of information and resources such as printers easier.
To protect the network both the hardware and software that make up the system have to considered. Servers, routers, user machines must be protected from physical damage by placing in dry, elevated, fireproof locations.
Think about where the office is located, the natural disasters that can happen and what best can be dome to alleviate the risk of losing use of the machine when the worst happens.
The linking mechanisms such as cables and wireless transmitters must be protected from unauthorised access. The cables not be run through conduits or covered where they cross high traffic areas of the floor. The wireless router must be configured to stop free access to the network and the information transmitted has to be encrypted.
On a network there may be many different services installed on different machines. If one of those services has a weak entry point a hacker can compromise the entire network. Segmenting a network through the use of switches limits access to the entire network from any one point.
When a small company is networked all machines are usually linked to the printer. This saves having to purchase multiple printers and the costs associated. With this type of setup the recommended practise is for users to remove printed documents as soon as they are printed and not left there for others to read freely.
The IPSec port filtering must be implemented to restrict the web traffic that can come to the servers. Only the specific ports that are required to support a server’s role must be open and all other default and unnecessary ports must be blocked.
The network is the largest and most dispersed part of an information system’s infrastructure. All parts have to be audited for weaknesses and defences beefed up to raise the average strength of the entire network.
Photo by pascal.charest
Comments
You can follow this conversation by subscribing to the comment feed for this post.