Gigamon: The nine most vital network security best practices

Gigamon: The nine most vital network security best practices

Sam Kumarsamy, Senior Product Marketing Manager, Gigamon, gives us nine of the most vital network security best practices

Sam Kumarsamy, Senior Product Marketing Manager, Gigamon, says it’s an old truism that an ounce of prevention is worth a pound of cure. He adds that while this saying is relevant in most aspects of daily life, it becomes especially appropriate when applied to business network security.

 

 

Sam Kumarsamy, Senior Product Marketing Manager, Gigamon

 

Thanks to the Internet, individuals, businesses and computer systems can now share sensitive data among one another more easily than ever before, but there’s a downside to this near universal connectivity: network attacks are becoming more and more prevalent.

According to a recent PwC Global Economic Crime Survey, 32% of organisations have experienced illegal data breaches, making cybercrime the second-most reported economic crime in the world. At the same time, IBM reports that within the U.S. the average data breach ends up costing the targeted business approximately US$7.35 million. Attacks are becoming more frequent.

With so many threats and so much at stake, even the best network security teams are struggling to keep up. The good news is that there are measures you can take to protect your business against the range of cybersecurity dangers that threaten it. We’ve compiled them into a single list of nine network security best practices. Read on to see how with a little prevention you can optimise your network security plans.

The Network Security Best Practice Checklist

Maintain your software

Network attacks are evolving, and yesterday’s solutions may not be enough to counter tomorrow’s threats. This is why one of the most essential — yet most basic — network security best practices is keeping your antivirus software current. Up-to-date virus software will incorporate tested solutions to some of the most recent known exploits. As such, software updates should be installed immediately as they become available. The most effective antivirus options can protect you in over 90% of instances. However, no single solution is fool proof, and as threats become more advanced, ongoing antivirus audits and supplemental systems are becoming just as important as installing the latest patches.

Make visibility your top priority

We tend to view our networks as walled fortresses trying to repel incoming enemy attacks, but sometimes it’s the people inside the walls who are the bigger danger. Nearly 75% of all data breaches are a direct result of insider threats — and of those threats, 68% can be attributed to employee or contractor negligence (only 22% of insider-threats are intentional). The solution? Improved network visibility.Constantly monitoring users within your network may be the single-most important security policy you adopt. After all, if you can’t see it, you can’t secure it. By tracking internal network use, you can improve your situational awareness and see what actions may be compromising your network security. You can then move to correct those actions before they turn into something more serious.

Keep a close eye on user permissions

While unintentional insider threats may be the more widespread problem, intentional ones — where authorised users attempt to steal valuable data — can still cause major damage. In many cases, these kinds of attacks happen as a result of disgruntled employees (or former employees) using their network permissions to access sensitive information.Most businesses have different levels of privileged users but giving anyone access to everything is a huge risk. Never allow any of your users the authorisation to security logs and be sure to provide and enforce network-use guidelines for anyone with permission to access network data. Also, be aware of the dangers of BYOD and IoT devices connecting to your network, as these devices can also carry malicious programs or lead to data being taken off premises.

Use a reliable network packet broker to send the right traffic to the right tools

When it comes to network security, we sometimes err on the side of caution. For example, even though certain tools are designed to be more effective with certain kinds of traffic, many organisations still send all of their network traffic to all of their security tools. Unfortunately, with network speeds, data volume and the number of business applications all increasing, security tools are being pushed beyond the capacity they are built to handle. This increases cost while also slowing down business applications leaving networks more open to attack. A much better solution is to give your security tools access to only the traffic they need to analyse, while preventing access to the traffic they don’t need to see. A next generation network packet broker, purpose built for security solutions, can provide traffic intelligence features such as metadata, application session filtering, SSL decryption, masking and more to ensure that appropriate traffic is being optimally routed to inline and out-of-band security tools. This not only improves network security, but also allows for faster application and network performance.

Stay compliant

Your organisation isn’t the only one that wants to keep your network safe from intruders. Users have a vested interest in ensuring that their sensitive data is kept out of malicious hands, and that means that the government is likewise interested. Federal and other government rules exist to help ensure data security, and businesses and other organisations are expected to comply. Regulations (such as HIPAA, ISO and PCI DSS) may seem like an extra hassle, but they provide a number of reliable network security best practices around policies and procedures that can keep your customers and your business, safe. If you want to keep your network secure in 2019 and beyond, don’t let your compliance slip.

Establish a security policy

Sometimes setting clear expectations and guidelines for your employees can mean the difference between secure and unsecure networks. This will help network users better recognise what is, and what is not acceptable user behaviour. Perform a network security risk analysis and see what areas your policy most needs to cover. Of course, guidelines are only useful when employees internalise them. Given the massive amounts of employee onboarding most organisations put their new hires through, it’s not surprising that many employees fail to do more than give network security policies more than a cursory glance. To make sure that employees are contributing to network security, provide on-going security-policy training, including what to do in real-life situations. Also, keep a security-policy expert on-hand, so that when users need further clarification they have someone they can go to.

Always backup your data

One important thing to remember about digital information is that it can be copied. This means that at any given point in time, your organisation can create a backup – essentially a detailed snapshot – of your network data. By then maintaining that data separate from the rest of your network, you’ll have a recent version of your data to fall back on in the event of a damaging cyberattack. Despite this, only about half (51%) of businesses keep a data back up, and only 36% of enterprises back up their business data completely. Regularly back up your entire network, so that no single breach has the capacity to completely obliterate the information your company depends on.

Don’t forget about third-party users

Many businesses outsource to third-party contractors, and that often means that those contractors need some level of access to the organisation’s network. That said, if internal employees represent a major threat to your network security, then third-party users are at least as dangerous. Allowing third-party contractors network access increases the number of system access points, and in turn creates more potential entry locations for malicious attacks.If you work with contracted employees or agencies, never allow them more data access than is absolutely necessary. At the same time, carefully evaluate any contractors before you commit to work with them. If they are compliant with regulatory requirements, and if they follow effective security policies, they’ll be less likely to turn into a liability.

Educate your users

Network security best practices can help you create an effective plan of defence for your vital data, but if your users aren’t doing their part, then your network will always be vulnerable. This means that if you want to secure your data, you need to secure the users who access it. Train your employees on how to recognise and report specific threats, create strong passwords, and use and access data correctly. Your security best practices are only as good as those who follow them. Educate your employees on how to protect your network, and you’ll have another reliable line of defence between your data and the threats that could compromise it.

Prevention Is Always the Best Network Security Plan

By the time you discover that your organisation has suffered a data breach, the damage will have already been done. This is why it’s so important to prepare ahead of time. After all, in terms of network security, an ounce of prevention is worth far more than a pound of cure.

To help your organisation develop an effective security posture to deal with any threat that comes your way, check out Gigamon intrusion prevention solutions, and secure the network data that supports your business.

Browse our latest issue

Intelligent CISO

View Magazine Archive