network security

Is Your Business Security Good Enough

Is Your Business Security Good Enough 150 150 Kerry Butters

Computer security is an important issue for any business and it seems that hardly a day goes by without us hearing about another botnet, hack or malware attack doing the rounds. The most notable of late was a vulnerability in SSL certificates, and whilst there’s little evidence to suggest that hackers have taken advantage of the Heartbleed bug, it still brings to the fore the ever-increasing problem that is network security.

For businesses, securing the company network isn’t a particularly difficult task, nor is staff training, but many still don’t have adequate enough protection to ensure that the company, or even customer, data is safe.

According to a recent survey carried out by the Poneman Institute, this is due to many enterprises lacking the tools to protect their information and “a disconnect in executives’ perceived value of data”. The study saw a huge 80% of IT professionals state that their company execs don’t seem to see the correlation between a cyber-attack and loss of revenue when it comes to stolen data.

Security is lacking all round

This is a worrying statistic, as security has to be a priority in this technological age that we live in. If customer data is stolen, firms stand to lose not only a loss in business due to the spectre of a system audit, but also possible fines and even the loss of customer confidence. Even if it’s not customer data that’s stolen, the loss of sensitive data from within a company can have serious ramifications for the future.

The study also found that a large majority of IT professionals don’t feel that they are given adequate tools or budget to be able to effectively protect the network from an attack. Further to this, just 41% said that they believe they understand the threat landscape facing businesses today and a third of those asked said that following a data breach, they didn’t know exactly what data had been stolen, or how.

However, the research also found that board level executives are learning, as there was an increased understanding when compared to previous survey results. There does also seem to be a lack of communication between companies and vendors taking place too, as 51% said that their solutions provider doesn’t let them know about the root cause of an attack after it had occurred.

6 in 10 firms don’t have adequate security

The study also found that six in ten companies don’t have adequate protection, which seems slightly unbelievable when you consider the how newsworthy cyber-attacks have become.

“This global security report shows that the cyber-security industry still has more work to do when it comes to addressing cyber-attacks,” John McCormack, Websense CEO, said in a statement. “Security professionals need effective security measures and heightened security intelligence to keep organizations safe from advanced attacks and data loss.”

But does all of the responsibility lie with security professionals, especially in light of the above statistic? Not really, when it comes to it, the security of any company’s data and that of its customers if the responsibility of the business. This means that it’s necessary to invest in enterprise-level solutions which should take a layered approach to security that includes, hardware, software and staff training.

Training is a security must

Employees often lack enough training to understand how even the simplest actions could cause a security breach at work. Many examples of malware are capable of effectively taking over a machine to examine the company network and steal data, just because an employee has carried out an action as simple as clicking on a link.

Whilst this can be addressed to some extent with permissions on the company network which don’t give all employees full administrative rights, this isn’t completely the answer. Employees need to know the consequences of their actions and without training, they simply can’t.

Such basic training can easily be implemented at induction time, when a new employee first joins the company, and can be further reinforced with a strong company policy document. This could include:

·         Information on data protection and what happens to the company if this is breached

·         Social media at work usage policies (ban clicking on meme links and suchlike)

·         How to deal with links and attachments in email

·         What to do if they think they may have clicked on a malicious link

·         General overview of computer security

·         Strong BYOD policies for those using their own devices

·         The use of open Wi-Fi connections to connect to the company network

Security is the responsibility of us all

Many consumers lack the basic knowledge when it comes to dealing with malware, viruses and other attacks, especially when it comes to social media. However, if there’s something many high profile attacks such as Conficker should have taught us, it’s that internet and network security is something that we all should have a vested interest in.

Conficker was a worm that appeared in 2008 which created a huge botnet that potentially had the ability to threaten the entire internet infrastructure. Now imagine if the internet was taken down by a botnet and the implications that has for national infrastructures. We rely so much on technology now that Conficker really did have the power to create complete chaos.

But how much have we really learned from Conficker? If it’s true that only 4 in ten firms have adequate network security, then it would seem not very much. Governments have begun to address the issue on national levels by creating cyber task forces, and are working more closely with businesses to heighten awareness surrounding internet and data security, but is it enough?

Not really. Firms have to be willing to take action and that means that board level executives have to learn the importance and value of the data that they store. Added to this, awareness must be raised at all levels within a business if it is to successfully ensure that the network is protected.

For execs, this means listening to the concerns of IT staff, as well as educating themselves on potential threats and data loss. Ideally, a disaster recovery plan should also be put in place so that a company can quickly respond should the worst happen.

We all have a responsibility to ensure that the internet and our data is protected, and the only way that can happen is through education and the implementation of robust, enterprise grade security solutions on the business network.

Is your company data secure? Whatever the size of your business, we can help to advise you on the best solution for you. Give us a call today on +44 (0)8450 740 530 to see how we can help you to secure your company and customer data and protect from attack.

12 Steps to PCI Compliance

12 Steps to PCI Compliance 150 150 Simon Randall

The Truth about BYOD

The Truth about BYOD 150 150 Simon Randall

5 Tips for More Secure Wi-Fi

5 Tips for More Secure Wi-Fi 150 150 Simon Randall

You already know you need to secure your business Wi-Fi network. But did you know that Wi-Fi access points are still a weak link that could compromise your efforts and put precious data at risk?

Wi-Fi signals don’t respect boundaries and often spill out into the street. That can be an open door for hackers and unless you take steps to nail down your Wi-Fi, you may as well leave the office unlocked at night. If you don’t secure your network then, at best, you’ll get the local Wi-Fi moochers stealing your bandwidth. At worst you’ll have a serious security breach on your hands.

Here are five tips to beef up your Wi-Fi security and keep hackers out.

Use WPA2

If you are using WEP (Wired Equivalent Privacy), then you need to get with the times as it’s been understood for some time that WEP has some fundamental flaws and any decent hacker with Aircrack-ng on their laptop could be rifling through your virtual drawers in minutes.

This is your business network, so don’t take chances. Go for the strongest security you can and install WPA2 protection. At the very least you should go for WPA, but the newer system should keep you one step ahead in the constant race against cybercriminals. This is especially the case these days as hackers don’t need to be skilled in order to access business systems. All they really need to do is buy an exploit kit on the black market, which can be obtained for very little money now.

If you are stuck with WPA then check your router. Some of them offer Wireless Protect Setup (WPS), which makes it easier to connect. It also makes it easier to hack, so disable it.

Bigger companies on WPA should opt for enterprise mode, which allows a separate login for each employee and a degree of accountability. Security threats don’t always come from outside, after all, and this set-up makes it easier to terminate access when the company terminates an employee. To run this system, though, you’ll need to run it on a server.

Go Rogue

You can go to the ends of the Earth to secure your Wi-Fi network. Your work can be blown out the water by pro hackers, though, or even your own colleagues.

It all sounds a little like covert military operations, but you have to sweep the office regularly. Thankfully you don’t really need a high-tech scanner, just a laptop loaded with aerodump-ng or Vistumbler that will sniff out suspect packages and locate rogue Wi-Fi points.

This is important, because a rogue access point can strip out all your security, broadcast your SSID and open the network to everyone. Forget about hackers, if this happens literally anyone could connect to your network and they won’t even need a password.

Use a secure password

It sounds obvious, but then you’d be surprised how many companies get hacked because they used a password everyone could remember. It’s a sad fact that despite the need for good security when used on a business network, many people still opt for silly, easily crackable passwords such as 123456 or (trying to be clever and failing) ‘password’.

Ditch the company slogan and go for a long and random selection of letters, numbers and capitals. You need at least 13 characters to defeat most brute force attacks, but even that won’t stop some and you should use all the characters you can. Don’t let them write it down on a Post-It on the screen either. People can steal access the old-fashioned way if you’re lazy. Find and use a decent password manager.  

Go for the longest and most random selection of lower case letters, capitals and numbers that you can. Then test it using something like Cloudcracker. If the system cracks the code then you need to go further.

Hide Your Network

If you don’t stop it, your Wi-Fi network will broadcast its SSID details far and wide. It’s trying to be helpful and for most users, this saves them the hassle of entering the network name in order to connect.

It’s a minute’s work to set the SSID to ‘hidden’ and to stop the network advertising its presence. Change the SSID identity and every default name on the system, too, because if you leave the name intact then you have saved the hacker’s time.

Office computers will have to be set-up, of course, and employees will scream for help with their own mobile devices. They should know the name of the network, though, so can enter the details themselves. Saying that, it’s better practice if you allow BYOD to use a mobile device management (MDM) system.

Convenience is never an excuse for lax security measures, so you will have to put up with repeated requests for login information.  Hackers equipped with proper software will still be able to sniff out the network, so this is just one measure you should take and do not rely on it. A layered approach to network security is required at all times and this requires hardware firewalls at router level, as well as appropriate antivirus solutions and file monitoring software, for full protection.

Turn your router off at night, too, if your business doesn’t need 24-hour access. No hacker in the world can find your network if it isn’t there.

Don’t Invite Network Guests

Some offices have a virtual revolving door of visitors coming in all day long. Nowadays many of them want to hook up to your Wi-Fi to take care of emails and even catch up on the latest viral videos. The problem is that the visitors don’t always take as much care of their security as you do. So allowing them free reign means you’re open to systems loaded up with viruses and malware. Of course it can happen in reverse, too.

It’s a little aggressive to say no, so you’re stuck with gaping holes in your Wi-Fi’s security right? Wrong. You can offer a guest network that keeps visitors away from your sensitive internal network.

Most business level routers can run two networks at once. Even though this is a relatively open network you should still run basic security measures. Put a password on the system, to prevent the whole world draining your Wi-Fi bandwidth and also to protect your guests from prying eyes while they are on the system.

In the modern world, as technology races ahead and becomes further integrated into our everyday lives, security and privacy are desirable – for businesses though, they are vital if they are to retain important data and protect customers, as well as avoid fines if they should lose such data.

Security Threats and the Business Network

Security Threats and the Business Network 150 150 Simon Randall

According to Symantec’s 2013 Security report, there was a 42% increase in targeted attacks on businesses in 2012, with 31% of these aimed at companies employing less than 250 workers. There were 14 zero-day vulnerabilities found and one waterhole attack infected 500 organisations in just one day.

This highlights the fact that internet security remains one of the biggest challenges that face modern businesses, especially as the use of the internet and cloud services become increasingly important to the enterprise.

Further to the stats above:

·         32% of all mobile malware threats steal data

·         Windows PCs are now not the only target, Macs are also vulnerable

·         Phishing sites that ‘spoof social networks’ have increased by 125%

·         Web-based attacks grew by 30%

·         In 2012 there were 5,291 new threats discovered with 415 of these threatening mobile OS

The Loss of Confidential and/or Sensitive Data

The single biggest concern, was the threat of having confidential and/or sensitive data compromised. For example if personal data is stored as part of an enterprise’s service to its clients, any incursion which results in data being lost or stolen, would, in addition to the loss of confidence clients would have in the company in question, also create a breach of HIPAA and/or PCI compliance, which in itself, would have serious consequences.

Many businesses store cyber data that if accessed by unauthorised sources, could harm that business’s viability. This is of course not only of concern to IT professionals, but to business owners and employees too, whose continued employment could come under threat as a result.

Employee Error

The next biggest concern with regard to network security comes from the honest error made inadvertently by an employee.

This would include events such as employees saving data on an unsecured platform, or unknowingly exposing the network to a viral threat from a USB device. Some employees may lose or misplace their Smartphone, Laptop of Tablet. Any one or any combination of these scenarios could pose a threat to network security.

Add to this the increased use of social media and the kind of phishing mail that we’re commonly seeing that look authentic and like they are from a government agency, and employees can be caught out all too easily. The obvious answer to this is to create educational platforms and guidelines within the organisation which allow CEOs to ensure that employees know all the potential risks and how they commonly infect a business network.

Threats from BYOD Practices

The new BYOD phenomenon is something of a double edged sword. On the one hand it facilitates improved mobility and convenience, as well as enhancing productivity. On the other hand it opens up something of a can of worms with regard to the potential for exposing a network to any malware that may be lurking on the BYOD devices themselves.

Some 13% of IT professionals who took part in a 2012 CRN survey said that they believed their networks would face danger through the practice of BYOD in the coming year. One of the biggest problems is that IT departments are not always being consulted before these devices are being connected to the network. The threat this poses is obvious. Of course, the way to address this is to have a list of approved devices and a good Mobile Management solution in place so that when a worker connects to the network, all of the information is encrypted.

Networking in the Cloud

Whilst the cloud and security was a bone of contention for many companies in the past, this is something that has now calmed. The fact of the matter is that the Cloud service providers themselves hold the key to the security of networking in the Cloud. They must work closely with their clients in order to disseminate information downwards in order to raise both understanding, and awareness of the security methodologies they deploy, and what levels of protection they afford the Cloud user.

Cloud computing is (in general) much more secure than the average company as the data centres that company data is stored in tends to address security at a much higher level than the average on site network. This includes physical security as well as a layered approach and high-end hardware firewalls. Add to this that data centres are better at backing up data and have decent disaster recovery plans in place, and the cloud is no longer a technology to be wary of.

It does take some of the control out of the company’s hands to some degree in that data is stored away from the premises, but the information remains confidential and well-secured.

The Increasing Incidence of Cyber Attacks

Concentrated and highly organised cyber-attacks are becoming more commonplace. We hear about the most high profile attacks, but there are many more going on that we hear nothing about. These are not individual events whereby one lone hacker is responsible; they are highly coordinated, and in some instances even involve governments.

Fears of sophisticated cyber-attacks are running high, particularly in industries such as Internet banking. One security company (Trend Micro) forecasts that the mobile banking industry in particular will face an ever increasing cyber-attack threat level as we progress through 2014. They are predicting one major data breach every month throughout next year.

The Threat from Within

Many companies fastidiously prepare a multi-layered protection strategy to secure themselves from threats coming from the outside world, but in doing so forget all about the inside world – a very real threat made all the worse because of the fact that it stems from inside their defences.

 It’s the threat from a malicious employee, perhaps in response to maybe being given a notice of redundancy, or perhaps after having been handed a reprimand of some kind. Whatever the reason, the threat is a real one, and one which should not be overlooked. In the same CRN report, 5% of respondents said that an internal threat was the most likely source they feared in 2012.

The Old Fashioned Hacker

Last but not least there is the old fashioned, one-man dedicated hacker. With all of the attention that is being focused on highly coordinated cyber attacks, the determined singleton still poses a real threat too; a threat which many IT professionals believe their networks will be exposed to sometime within the next 12 months.

Saying that, many cybercriminals need no skill at all these days, as exploit kits that allow those with limited technical knowledge are freely available on the black market for little more than pennies. This of course increases the risk even more as those with criminal intent are not necessarily required to know how to hack or to create sophisticated phishing attacks.

The Criticality for Network Security to remain Current

Innovation is something that goes hand in hand with IT; the new technologies that are continually emerging, and the way in which they are deployed. Cybercrime evolves at a similar pace. Every step forward creates a matching foot fall whereby cyber felons seek to exploit any weaknesses. The need for vigilance – to install new generation firewalls – and to stay constantly up to date with latest security patches that are available, has never been more critical.

It’s sad to say that despite the efforts of security research labs around the world, cybercrime remains a step ahead. Governments were relatively late to the party when it came to realising the threats that crime such as this represent, so it means that we’re constantly playing catch-up. A really good example of this is set out in Mark Bowden’s book WORM: The First Digital World War as it became clear that the Conficker worm had the power to take down the entire internet if it was to drop its payload (which it never did and the creator of the botnet has never been discovered).

The Overall Cost of Cybercrime

Whilst governments and organisations are now a lot wiser to the threats that exist, it’s somewhat too little too late as the cybercrime industry is now potentially worth more than the international drugs trade. For businesses, this means that securing your network properly is vital, as attacks come from various sources and this mean that it’s necessary for staff to be educated too.

Why Network Security is Vital to your Business

Why Network Security is Vital to your Business 150 150 Simon Randall

 Network security, is something like your own personal health. When you’re in good health, and fighting fit as it were, everything is hunky-dory. But as soon as you begin to feel under the weather, you suddenly realise just how much you took your good health for granted. Well, it’s exactly the same with network security. During the time it functions well, it also gets taken for granted. But as soon as it becomes compromised, we suddenly realise just why, network security is vital.

The Private Network of the Internet

In the broadest sense of the word there are two types of network. On a personal level, you have the internet, whereby any number of individual devices can share one common source of data. In this “personal” sense, network security is all about the security of the individual device (e.g. a PC, a laptop, a tablet). Most of the operating systems today that are preloaded onto the various types of devices all tend to incorporate a firewall. 

This keeps them safe from any external prying eyes that are lying in wait out there in cyberspace. In addition you can of course purchase anti-virus, and anti malware programs. These can help to keep your device, and the data it contains, safe from unwanted surveillance, and/or the various viruses that can be unwittingly downloaded.

The Business Network or LAN

Now let’s take a look at business in terms of networking. This is where a whole new ball-game comes into play. It’s the game of business network security

Most Common Types of Business Network Threat

There are basically 3 types of threat a business network may be subjected to:

  • Innocent Internal Infiltration
  • Malicious Internal Infiltration
  • Malicious External Infiltration

The Reasons Why Business Network Security is so Vital

Business network security is vital in order to avoid 2 things:

  • The network becoming compromised and preventing people from being able to work efficiently, or even work at all
  • The network being compromised, and through that attack, leaking sensitive or confidential data

Whereas neither of these network security threats is desirable, the download threat is something that can be dealt with, and the system restored to good working order. Of course, to be on the safe side, any business should have a business contingency/disaster recovery plan in place, in case of permanent loss of data; or worse, the theft of sensitive customer data.

Innocent Internal Infiltration

So we’ve established that business networks also suffer from the same “download threat” that private personal devices do. Okay, the threat has to get into, and find its way through, the server first. But there are many hackers around, who know how to go about doing just that. We’ll talk more about this in just a moment.

This type of “download threat” comes about through innocent internal infiltration. In other words, an innocent member of staff may browse the web during tea or lunch breaks, and innocently download programs that contain some sort of malware or virus. These “innocents” are totally unaware of the threat and the damage it can do. It is usually left to the IT department to repair the damage they cause.

All businesses should implement some sort of Web Acceptable Use policy, whereby employees are made aware of the dangers, and are instructed not to download anything onto their work devices. IT departments may also decide to block access to certain dubious websites.

This also means that some businesses may also want to discourage the BYO (Bring Your Own) device for work phenomenon. However, personal devices can still be managed on the business network, with the right platform.

Playing Big Brother

The truth of the matter is that many employees will still disregard certain rules and regulations that are put in place. It’s the “I didn’t think it applied to me” syndrome. Where businesses establish that this happens, they may feel it is prudent to introduce special monitoring software to check emails and Internet activity.

The increasing sophistication of phishing email

This is where many companies get caught out as whilst many of us are aware of phishing and how much more sophisticated it has become (along with social engineering that encourages users to follow a link or open an attachment), this is isn’t the case for everyone, especially when you consider that 80,000 people per day get caught out in this way.

Malicious Internal Infiltration

Malicious internal infiltration is a much more serious event. If uncovered it will usually lead to the sacking and possible prosecution of the guilty party. These people are technical cuties who may well have a grudge against their employer, and/or their work-colleagues. It may also be the case that they are working for an outside source, either for pay, or because they’re being coerced in some way.

Sneaking in Under the Covers

The problem is of course that these people are already have legitimate access to the network. So in terms of network security from an external threat, they’ve snuck under the covers and circumnavigated any protection that the IT department may have put in place. It’s a heinous act.

Instigating Diligent Network Security Checks

The only way that this can be detected is either by the IT department running frequent diligent checks into the network’s integrity, or by employing network security specialists (such as the network service provider, if they offer such a service) to do the job for them.

Malicious External Infiltration

Malicious external infiltration can cause just as much damage as malicious internal infiltration. The first line in defence is to have a good firewall in position – perhaps even a new generation firewall. This needs to be backed up with appropriate malware identification software. The problem is that a highly skilled hacker can sometimes circumnavigate the simple network security precautions. Once again, it’s a case of the IT department or running its diligent checks, or contracting the support company to do so, on their behalf.

As already stated, viruses and malware that prevent systems from working, or that throw spanners into the works, can usually be dealt with, once they have been identified. But the real problem comes with loss of its confidential or sensitive data.

Irrecoverable Leakage of Sensitive Data

When it comes to sensitive or confidential data being leaked to, or being stolen by, outside interests, it’s something that can prove fatal in terms of any business’s ability to survive. We’re talking about loss of data that a competitor can use to their own advantages. In other words, we’re talking industrial espionage.

Here’s the Bottom Line

Whether it’s sensitive pricing information, confidential design information, or future strategy information; in the hands of the wrong people this sort of data can cause enormous and perhaps irreparable damage. This is especially the case when companies store customer information as the theft of such could lead to a large fine.

With this in mind, regular audits should be carried out and it’s always wise to be prepared, something that we will go into in some more detail in a later post, so make sure you check back often.

Not sure about your network cabling? Wondering whether to go wired or Wi-Fi? Need a complex fibre network set up throughout a large building? Whatever the case, Quadratek are here to help so why not get in touch today to see how we can help your business.

Image: JHero Brasil

10 Questions to ask your Network Design Provider

10 Questions to ask your Network Design Provider 150 150 Simon Randall

To help you to gain a better understanding of a network, whether it’s something that is already in place, or something that is being considered for installation, here are 10 questions that you can put to network design providers before setting on which is the best for you.

#1: How Robust is your Network?

Understanding the topology of a network will give you a better picture and feel for how solid that network is. There are two types of topology relating to computer networks. First, there is physical topology which deals with the way that the cabling is laid out. But the one we’re more interested in in this particular instance, is the one that is referred to as logical topology.

Logical Topology

Logical topology deals with the way that data moves around within the network. It can be imagined as a map, or a process flowchart. The paths that data flows along should be as direct and logical as possible. If the data has to “duck and dive” and find its way around the “back streets” as it were, it will be more susceptible to malfunction.

How is the Network Designed for Site Resilience?

Any given network will have some susceptibility to failure. Site resilience is the term that is used to define any network’s ability to adapt to a failure, and to then get back into routine operation once that fault has been cleared. It takes into account something called redundancy, which in computer parlance, refers to the creation of alternative pathways that can be used to circumnavigate certain failed events.

To incorporate site resilience into any network, it’s important to first gain an understanding of any company’s business needs, and to put appropriate redundancy measures into place. The sum total of these measures, implemented to ensure continuity, is the process known as site resilience and it’s obviously of critical concern to those responsible for running the network.

Service Level Agreements

Should anything go wrong that requires outside intervention. It is important to know the nature of the service level agreements that are on offer. It’s basic insurance.

#2: What are your Business Continuity Plans?

The world economy is still far from fully recovered, and in the meantime, many businesses are finding it hard to survive. The computer industry in particular is an extremely competitive environment, and it is therefore prudent to take this into consideration. So one of the important questions you need to ask of your network design provider is; exactly what business continuity plans do they have in place? You simply can’t afford to be left high and dry, if the network crashes and it is beyond your knowledge to fix it.

#3: What are the Built in Security Levels?

Security is something that we all have to be careful with in today’s world, with cybercrime being as prominent as it now is. Despite firewalls and anti-malware software, hackers are still are able to work their way into computer networks. It is therefore important to ask your network design provider how they have approached this problem What assistance you can expect from the network itself in terms of establishing whether or not it has been compromised, and if so, how and where?

#4: What about Performance Guarantees?

Talk is cheap. The problem is that if the network performance doesn’t live up to its billing, what can you do about it? Any network design provider worth their salt should already have a portfolio of performance guarantees written into the product spec. If they haven’t, and they in effect start making it up on the spot, just to appease your concern, then that’s simply not good enough.

But just being shown a guarantee, or being told that there is one, won’t do. Guarantees can be very complex with lots of hidden clauses that provide escape routes for the designer. In other words, you need to go through the guarantee, word by word, to satisfy yourself that it provides the comprehensive cover you’ll need in the event that the network fails.

Two other important questions to ask with regard to network performance are:

·         What happens if we expand our bandwidth?

·         What scalability is built into this particular network?

#5: What Flexibility Does this Network have?

In the business world, things have a habit of changing. We’ve already touched on the subject of bandwidth and scalability above. But many people are now using cloud technology, for instance. It’s therefore important to establish whether the network is cloud compatible and if so, to what degree? In today’s agile business world, the flexibility and scalability of your network is vital. So make sure you ask about how your network will be future-proofed too.

It’s also well worth asking what other services your network design provider can offer.

#6: What Range of Connectivity does this Network Offer?

Find out also whether the network will facilitate connectivity with employees in remote locations, including outside the UK. Even if this question is not applicable now, at this particular moment in time, it may be something that is necessitated in the near future, so check it out. As the web moves more towards collaboration, access to workers in offices located in various places could make all the difference.

#7: Will you have Monitoring Facilities in Place?

It’s important too, to understand whether or not your network service provider will have any monitoring facilities in place, and if so, whether they operate 24/7. If they do, you should find out what types of reports are available for your own personal use.

Another thing that is worth establishing is whether any fixes are actioned without you knowing about it, and if so, what sort of scale this relates to. It may be that you decide you need full disclosure, which may be something you need to agree.

#8: Can you carry out Network Repairs?

If you require “hands-on” access to fault find and repair problems yourself, you will want to establish what your limitations are in terms of accessibility, and also what access you will have to online help. Of course, this depends on the size and nature of the organisation and whether you have a dedicated IT department.

#9: What Business Ethics and Pedigree do you have?

Knowing your network design provider well is very important, so getting under the blankets and establishing what their business ethics are, is key. Look for accountability, dependability, integrity and reliability. Are there any written procedures in place, and if so can you view them? Does your provider have any qualifications and certifications? What is their policy on new product investment?

#10: What General Service Support is in place?

In question eight we touched briefly on the subject of what sort of technical support is in place to enable you to do DIY repairs. But what about service support in general; when things go wrong that you have no wish to try and fix yourself; or when you simply need help in some particular aspect of the network? Does your network design provider have 24 /7 back-up, and are they based here in the UK?

Getting your Business Network Right

It’s important to remember that there are many choices open to you in terms of network design, so it’s important to ask the right questions before you commit yourself. Of course, it helps to have a good plan in place in the first instance before approaching network specialists and any good company will help you to expand on that. We hope that the questions we’ve outlined for you above will go some way towards helping you in your selection process.

Not sure what kind of network you need? Get in touch to see the wide range of services that we can offer you.