How to Keep Up With Best Practices for Protecting Critical Information
As always, 2017 promises to be a year of security challenges among network administrators and security specialists. The ever-expanding presence of workforce mobility, the Internet of Things, and more makes keeping up with the latest security best practices as important as ever.
Here are 10 important network security needs in 2017:
Change your default passwords. Network manufacturers usually ship devices with default passwords. If you still haven’t changed the default password, your network is vulnerable to hackers.
Begin using multi-factor authentication. With multi-factor authentication, even attackers armed with stolen usernames and passwords wouldn’t have enough information to log in. Layered network security practices such as multi-factor authentication mitigate the risk of data breaches.
Implement business continuity plans that include a solid backup strategy. More than $300M in ransomware payments were made last year, and properly tested backups can be your best defense.
Deploy Parallel Networks to protect sensitive data. Instead of complex configurations, organizations can easily ensure excellent security of high-risk information through air-gapped “Parallel Networks.” This physical separation prevents would-be attackers from pivoting from one compromised device to servers and networks that hold sensitive data.
Schedule penetration testing on a regular basis. Use pen testing to determine whether and how a malicious user can gain unauthorized access to assets that affect the fundamental security of your system, files, logs, and/or cardholder data. Pen testing also can confirm that the applicable controls required in PCI DSS — such as scope, vulnerability management, methodology, and segmentation — are in place.
Adopt zero-trust networking principles. Through SDN and network virtualization, Cradlepoint NetCloud Engine makes zero-trust WAN possible by microsegmenting the network at the site, departmental, or even user and device levels. This practice quarantines attack attempts once they’re inside the network’s perimeter.
Implement intrusion prevention and detection systems (IPS/IDS). Threat management is important for any IT team, and especially for those handling sensitive information and Point-of-Sale (POS) systems. IPS/IDS defends against evasion attacks, protects key data, and improves network availability.
Simplify your Mobile Device Management. Traditional Mobile Device Management (MDM) software relies on complex, clunky VPN architectures. Deploying a virtual overlay network that seamlessly works within your legacy infrastructure streamlines and simplifies MDM. With no need for head-end hardware, IT teams can give employees access to essential files and applications while also quarantining their mobile devices from the rest of the network.
Extend Active Directory servers to the cloud. Active Directory (AD) is the foundation of enterprise security, ensuring fast and reliable authentication, password compliance, DNS, and more. Today you can use the cloud to extend AD domain services to remote users everywhere, fostering a persistent, LAN-like experience that stays on without user interaction.
Utilize port scanning to understand what you are exposing to potential attackers and lock down unused ports. Open ports essentially are open on-ramps to your network.