Implementing a Strong Network Security
Strategy
© 2004 Reprint by permission only. All
rights
reserved.
by Matt Hyatt
In a world of interconnected computers
and increasingly critical company data, network security
is one of the most important issues facing business managers today.
The
list of potential threats includes viruses, hackers,
thieves, natural disasters, and sabotage. Thanks to human error,
even well-intentioned
employees can change or delete important files. How vulnerable
is your network? Fortunately, it doesn’t take an act of Congress
to implement basic network security measures in a small business.
It does take
some planning, fortitude, and a bit of technical savvy,
though. Getting started is probably the hardest step in the process,
so it helps
to have an idea of what it takes to properly protect
a company network.
For starters, good antivirus software is a must-have
for any business network. With virus threats coming
from every
direction,
running without antivirus software means risking the
loss of employee productivity and critical data. A
good antivirus solution should
protect more than just desktop computers – it must also protect
file servers and email gateways. Most solutions can be implemented
at a cost of less than $100 per user, but it’s important
to budget for maintenance, too. For most antivirus products,
this means
budgeting about a third of the implementation costs
for maintenance each year.
Another critical component of a secure network is
a firewall. A firewall is used to shield a private network
from unauthorized
access across the Internet. Most experts prefer a
standalone firewall device with configurable options
for network access and traffic control.
A small network of two or three users can often be
protected adequately with a $100 firewall, while
larger
networks with more
sophisticated
needs may require a firewall that costs $1000 or
more.
Microsoft and many other software vendors provide
free program updates to improve network and application
security. Newly discovered vulnerabilities are
often widely publicized and
quickly
exploited in the form of a virus or other Internet
attack, so it’s
important to install updates as they become available.
Managers can help protect their networks by putting
someone in charge of monitoring
the release of such updates and installing them
as soon as possible.
When it comes to business networks, the importance
of good, consistent backups cannot be overstressed.
After all, no
network
component costs more time and money to replace
than the data itself. While very small businesses
may be able to get by
with a weekly backup,
most companies can easily justify a daily backup
routine. Backup media should be stored offsite – preferably in a bank safety
deposit box – to protect against theft or natural
disasters.
Network security must be addressed at every
level
or an organization, not just at the top or bottom.
Employee passwords are
a perfect example of this idea. Passwords are
often the only obstacle to sweeping network access,
so it makes sense
to
enforce a strong
password policy for every employee. Instruct
employees to choose passwords that can’t easily be deciphered by would-be intruders.
Good passwords should be at least eight characters long and should
include letters, numbers, and symbols (i.e. # ! @ ^ &). Many
server-based networks can even be configured to require users to
select passwords based on your company’s security
policies.
Clearly, security is a critical part of any good
business IT strategy. But don’t wait until disaster strikes – it’s
far less expensive and time-consuming to protect your network now
than it is to wait until you have a serious problem. With careful
planning, implementation, and maintenance, you can feel confident
in your own company’s network security for years to come.
Matt Hyatt is founder
of Rocket IT, an IT consulting firm
near Atlanta, Georgia. For technology help with your business,
contact Rocket IT at 770-441-2520 or visit online at www.rocketit.com.
 Back
to top
|
