it support and consultants

Why Network Security is Vital to your Business

Why Network Security is Vital to your Business 150 150 Simon Randall

 Network security, is something like your own personal health. When you’re in good health, and fighting fit as it were, everything is hunky-dory. But as soon as you begin to feel under the weather, you suddenly realise just how much you took your good health for granted. Well, it’s exactly the same with network security. During the time it functions well, it also gets taken for granted. But as soon as it becomes compromised, we suddenly realise just why, network security is vital.

The Private Network of the Internet

In the broadest sense of the word there are two types of network. On a personal level, you have the internet, whereby any number of individual devices can share one common source of data. In this “personal” sense, network security is all about the security of the individual device (e.g. a PC, a laptop, a tablet). Most of the operating systems today that are preloaded onto the various types of devices all tend to incorporate a firewall. 

This keeps them safe from any external prying eyes that are lying in wait out there in cyberspace. In addition you can of course purchase anti-virus, and anti malware programs. These can help to keep your device, and the data it contains, safe from unwanted surveillance, and/or the various viruses that can be unwittingly downloaded.

The Business Network or LAN

Now let’s take a look at business in terms of networking. This is where a whole new ball-game comes into play. It’s the game of business network security

Most Common Types of Business Network Threat

There are basically 3 types of threat a business network may be subjected to:

  • Innocent Internal Infiltration
  • Malicious Internal Infiltration
  • Malicious External Infiltration

The Reasons Why Business Network Security is so Vital

Business network security is vital in order to avoid 2 things:

  • The network becoming compromised and preventing people from being able to work efficiently, or even work at all
  • The network being compromised, and through that attack, leaking sensitive or confidential data

Whereas neither of these network security threats is desirable, the download threat is something that can be dealt with, and the system restored to good working order. Of course, to be on the safe side, any business should have a business contingency/disaster recovery plan in place, in case of permanent loss of data; or worse, the theft of sensitive customer data.

Innocent Internal Infiltration

So we’ve established that business networks also suffer from the same “download threat” that private personal devices do. Okay, the threat has to get into, and find its way through, the server first. But there are many hackers around, who know how to go about doing just that. We’ll talk more about this in just a moment.

This type of “download threat” comes about through innocent internal infiltration. In other words, an innocent member of staff may browse the web during tea or lunch breaks, and innocently download programs that contain some sort of malware or virus. These “innocents” are totally unaware of the threat and the damage it can do. It is usually left to the IT department to repair the damage they cause.

All businesses should implement some sort of Web Acceptable Use policy, whereby employees are made aware of the dangers, and are instructed not to download anything onto their work devices. IT departments may also decide to block access to certain dubious websites.

This also means that some businesses may also want to discourage the BYO (Bring Your Own) device for work phenomenon. However, personal devices can still be managed on the business network, with the right platform.

Playing Big Brother

The truth of the matter is that many employees will still disregard certain rules and regulations that are put in place. It’s the “I didn’t think it applied to me” syndrome. Where businesses establish that this happens, they may feel it is prudent to introduce special monitoring software to check emails and Internet activity.

The increasing sophistication of phishing email

This is where many companies get caught out as whilst many of us are aware of phishing and how much more sophisticated it has become (along with social engineering that encourages users to follow a link or open an attachment), this is isn’t the case for everyone, especially when you consider that 80,000 people per day get caught out in this way.

Malicious Internal Infiltration

Malicious internal infiltration is a much more serious event. If uncovered it will usually lead to the sacking and possible prosecution of the guilty party. These people are technical cuties who may well have a grudge against their employer, and/or their work-colleagues. It may also be the case that they are working for an outside source, either for pay, or because they’re being coerced in some way.

Sneaking in Under the Covers

The problem is of course that these people are already have legitimate access to the network. So in terms of network security from an external threat, they’ve snuck under the covers and circumnavigated any protection that the IT department may have put in place. It’s a heinous act.

Instigating Diligent Network Security Checks

The only way that this can be detected is either by the IT department running frequent diligent checks into the network’s integrity, or by employing network security specialists (such as the network service provider, if they offer such a service) to do the job for them.

Malicious External Infiltration

Malicious external infiltration can cause just as much damage as malicious internal infiltration. The first line in defence is to have a good firewall in position – perhaps even a new generation firewall. This needs to be backed up with appropriate malware identification software. The problem is that a highly skilled hacker can sometimes circumnavigate the simple network security precautions. Once again, it’s a case of the IT department or running its diligent checks, or contracting the support company to do so, on their behalf.

As already stated, viruses and malware that prevent systems from working, or that throw spanners into the works, can usually be dealt with, once they have been identified. But the real problem comes with loss of its confidential or sensitive data.

Irrecoverable Leakage of Sensitive Data

When it comes to sensitive or confidential data being leaked to, or being stolen by, outside interests, it’s something that can prove fatal in terms of any business’s ability to survive. We’re talking about loss of data that a competitor can use to their own advantages. In other words, we’re talking industrial espionage.

Here’s the Bottom Line

Whether it’s sensitive pricing information, confidential design information, or future strategy information; in the hands of the wrong people this sort of data can cause enormous and perhaps irreparable damage. This is especially the case when companies store customer information as the theft of such could lead to a large fine.

With this in mind, regular audits should be carried out and it’s always wise to be prepared, something that we will go into in some more detail in a later post, so make sure you check back often.

Not sure about your network cabling? Wondering whether to go wired or Wi-Fi? Need a complex fibre network set up throughout a large building? Whatever the case, Quadratek are here to help so why not get in touch today to see how we can help your business.

Image: JHero Brasil

Choosing a Unified Threat Management Vendor

Choosing a Unified Threat Management Vendor 150 150 Simon Randall

While each
organization will have its own criteria for choosing a Unified Threat
Management vendor, performance and reliability are likely to rank highly on
their list of criteria.  At the end of
the day when choosing a Unified Threat Management vendor many companies will
simply be looking for a product which does the job and does it reliably.  

The first
and most obvious point to check when choosing a Unified Threat Management
vendor is whether or not they are capable of supporting the core security features
you require.  Typically these would
include: a firewall, URL filtering and malware-detection capabilities.

It’s
important to remember that unified tools are generally good all-rounders rather
than being top-performers in any particular field.  In other words, they are a bit like modern
smartphones, which have decent cameras and decent music players, but which no
professional photographer or DJ would consider using in place of dedicated,
stand-alone devices. 

Many people
however are perfectly happy with their smartphones, at least for day-to-day
purposes, and UTM devices can work perfectly well, particularly in an SME
environment.  If, however, your company
fits into a particularly high risk profile, for example you have extensive
access to sensitive data, or you are working in a controversial industry, then
it may be better to look for individual, dedicated, solutions.

UTMs – a layered approach to IT
security

Decent
management controls are also likely to feature highly on any company’s
wish-list.  Given that the core market
for UTM vendors is SMEs, which tend to have limited IT resources, it is usually
important to make sure that the solution chosen can be managed by the IT team
along with their current responsibilities. Of course, it can also be outsourced
to technology support companies, such as Quadratek.

Forward thinking is necessary for IT
support

The
question essentially becomes: how simple does simple need to be?  In a very small company, realistically, a
straightforward and basic web interface will probably be the best approach, as
the IT team may very well be a one-or-two-person operation with limited skills
and resources. In a bigger company, it may be more appropriate to look for
solutions which have more options for customization and support; for example
the ability to customize security according to the type of device if not at
actual device level. 

Think about
future-proofing.  Companies can scale up
and down for various reasons.  As a rule
of thumb, the greater the number of people in an organization, the higher the
security requirements.  Basically, the
more links there are in any chain, the greater the chance that one of them will
break. 

Consider hardware SLAs

Companies
with a reasonably stable workforce and plans for steady growth may be prepared
to accept solutions which would require the purchase of new hardware if any
significant changes were to be made, but companies whose business is more
cyclical or who may potentially need to upscale operations at short notice
should look for solutions which offer flexibility.

Look at the
vendor’s reputation.  Leaving aside
support and service for a moment, look at the vendor’s reputation in terms of
product management.  The fact of the
matter is that new security threats are emerging all the time, which means that
companies in the market of IT security need to be constantly monitoring for
them and updating their solutions, whether this means updating definitions of
malware of creating a brand new product to cope with a brand new threat.

The current
major players in the UTM world are all established brands and many of them
offer UTM products in addition to standard networking equipment.  They have all demonstrated a commitment to
ensuring a safe future for users of network-based services.  Smaller players and new entrants may add
options and may have solutions which are every bit as good as their larger
counterparts, but should arguably be looked at with particular care.

Reliable IT support

Once it has
been established that a vendor can provide a reliable level of product
management, then it is also worth looking at their reputation for service and
support. In short, can they be relied on to be there for you when you need
them?

Look
carefully at whether or not a product will support your company’s style of
work.  If you are a small company with
everyone working out of the same location, then your UTM needs will be fairly
simple, but as soon as you start adding in extra business locations and/or
home, mobile and remote working into the equation then you will either need to
deploy UTMs at multiple locations or have a UTM solution which support
sufficient VPN connections for your staff. 

This is
also where previous comments about scalability can be important.  By the same token, if your company is makes
use of Wi-Fi connections for any reason, then make sure that your UTM solution
can support them.  Admittedly this is
becoming increasingly common, but it never hurts to check.

ISO and other regulatory needs

Last but by
no means least, it’s important to be aware of any regulatory requirements and
to make sure that your UTM solution is fully in compliance with them.  While regulatory requirements tend to be in
line with the value of the data held by companies, for example they are hugely
strict for companies which hold confidential financial data.  These days many companies are data
controllers and need to comply fully with all the requirements of the Data
Protection Act.

In short,
everyone who uses any sort of network-based service needs online protection.  This applies as much to individuals as to
organizations.  Choosing the right UTM
can provide a simple, affordable and effective way for SMEs to manage these
threats.  Companies in high-risk
environments may be better using threat-specific products and either hiring the
resources to manage these in house or out-sourcing IT security altogether.

Companies
with large numbers of remote or mobile workers might do better with cloud-based
security services, which often have straightforward web-based management tools.






captcha