The old maxim “the road to hell is paved with good intentions” can apply to so many areas of life. However, it seems to be particularly fitting for many of the work situations and challenges network system administrators face on a daily basis
While you try to do the best job possible, sometimes you may find yourself dealing with many challenges that seem to have no good solution. However, as someone with more than 25 years of experience in IT security, I’ve found that many of these challenges can be avoided or mitigated by following some best practices for network security.
Here are the top four do’s and don’ts you should know as a system administrator:
The Do’s of Network Security
1. Do Perform Regular Security Audits and Tests
The purpose of a security audit (either by you or a reputable managed service provider) is to ensure that your network is secure. This is partly done by running a vulnerability scan or penetration test to know not only what devices are on your network, but also to identify any weaknesses so they can be addressed before they turn into major problems.
Penetration tests check the vulnerabilities of your network perimeter, including:
- Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS),
- Firewalls and Demilitarized Zone (DMZ, or network perimeter), and
- Wi-Fi Intrusion Prevention Systems (WIPS).
2. Do Consistently Update and Patch Your Network and Devices
One of the surest ways to fall prey to a cyber attack is to not keep your network, computers and other devices up-to-date on software updates. This is why it’s important to consistently run updates and patches on all devices to ensure you maintain a secure network.
Symantec’s 2018 Internet Threat Security Report cites that one such example is the Zealot cyber attack campaign—which used unpatched vulnerabilities to install a Monero coin miner on Windows and Linux machines. This was only one of many such attacks.
According to BleepingComputer.com, which was cited in the Symantec report:
“The attackers are scanning the Internet for particular servers and using two exploits, one for Apache Struts (CVE-2017-5638) and one for the DotNetNuke ASP.NET CMS (CVE-2017-9822), to get a foothold on unpatched machines. The Apache Struts vulnerability is the same flaw that other hackers used earlier this year to breach US financial giant Equifax. In addition, a criminal group abused the same flaw in April to target Struts servers where they installed ransomware from which they made over $100,000 at the time.”
3. Do Create and Implement Policies and Procedures
Your defense is often only as good as the policies that are in place to enforce it. There are many security policies that you can put in place to help protect your network, including:
- A Mobile Device Security Policy,
- A Computer Use Policy,
- A Social Media Policy,
- A Password Policy,
- An Email Policy,
- A Least Privilege Security Policy,
- A Business Continuity (BC) Plan, and
- A Data Backup and Disaster Recovery (BDR) Plan.
4. Do Remind Users to Use Varied and Challenging Passwords
While this is one of the most basic rules, the importance of password security can’t be understated. Remind employees and other network users that their password can be the difference between your organization having a secure network and a hacker being able to infiltrate your organization’s network.
The Don’ts of Network Security
1. Don’t Use Your Admin Account for Non-Admin Purposes
This is one of the easiest traps for a network administrator to fall into. Although the convenience of being able to surf the web or quickly checking your email while waiting for a program to download may be tempting, it can leave your entire network vulnerable to attack.
2. Don’t Leave Your Network at the Mercy of Password Protection
When it comes to allowing users access to your organization’s network, it’s important to not leave the access to be defended by only traditional authentication practices of usernames and passwords. A multifactor authentication method such as two-factor authentication (2FA)/dual-factor authentication (DFA) is what’s needed to add additional layers of defense to your network security.
This, coupled with applying the principle of least privilege, can help you limit employees’ access to data and systems that aren’t applicable to their jobs or responsibilities.
3. Don’t Leave Learning Cybersecurity Safety Up to Employees
Although you’ll likely be disturbed to know just how little the average user knows about cybersecurity, you likely won’t be surprised by some of the numbers. According to a Pew Research Center survey of 1,055 adult internet users, most respondents could answer less than half of the knowledge questions correctly regarding key cybersecurity terms and concepts. This puts employees at the top of the list of cybersecurity threats to any organization, often through sheer ignorance.
As a system administrator, you can change the tide and get the ship back on course by ensuring that all employees are educated through the use of a quality cybersecurity awareness training program. The program is one of the most effective ways to reduce the threats that work within your organization. Don’t leave the training up to them — make the program mandatory and the content interesting to engage your employees.
This will contribute to helping you establish a “human firewall” within your organization. This approach entails that everyone from the top down within your organization is tested via unannounced simulated phishing attacks. You then can determine the susceptibility of employees based on the results of the fake attacks and then train everyone on major attack vectors. This practice is continued on a regular basis to help employees learn and grow, as well as to help you keep your organization’s IT systems secure.
4. Don’t Hesitate to Recognize IT Staffing Limitations
With all of the daily tasks you’re left to handle, sometimes you can use a helping hand. This is where a managed service provider (MSP), like FPA, can be of use. We understand that your team (or just you, if you are the only IT-related staff member) may be overwhelmed with the amount of work that needs to be done on a regular basis; we have helped numerous clients like you throughout the greater Los Angeles area with their IT security needs.
FPA’s approach is to look at our clients’ networks from a holistic viewpoint. As such, cybersecurity isn’t a mere afterthought — it’s a key component of what we do.
Learn where your business stands in terms of cybersecurity preparedness by grading it with our free Cybersecurity Report Card. Click on the image below to download the report card.
Additionally, please feel free to share your thoughts on the discussion topic in the comments section below. Or, reach out to speak with me directly if you’d like to discuss this more in-depth.