Internal Network Security Solutions
How to Implement a Secure System to Protect Against Computer Theft
Sep 5, 2009
A network security analysis will reveal weaknesses and identify the risks posed to a company's computer system. What measures can be taken to best implement a business network security?
Network Security – Identifying the Risk.
A risk analysis is vital when implementing a network security policy.
Identify areas of potential risk. Look at some of the areas of potential risk and decide how to limit the risk from these areas. Here are two examples to consider:
Physical security: Is the alarm system adequate? Is there enough control over who comes or goes from the building? Is the server room secure? Physical access to the computer will give a data thief the opportunity to disable passwords.
Desktop and laptop security should be taken seriously. It has been said that thieves can steal up to 20 computers (excluding monitors etc) in 3 minutes, the time it takes for the armed response units to arrive, if the computers are not secured to or under the desk.
Disgruntled staff: Disgruntled staff is one of the main causes for data theft and malicious damage to computer systems. Passwords and building access codes etc. should be changed immediately if a member of staff who has privileged access resigns or is retrenched.
Many companies' computers have been hacked into by disgruntled ex-network administrators. Obviously IT personnel pose the greatest risk to a business. Many companies will not allow IT staff the option of working in a month's notice when they resign, they get barred immediately from the building. Unfortunately, the damage may already have been done before the IT staff member resigns.
Data Storage
A simple network security solution is to keep all data on a server/s in order to eliminate the need for users to keep any data, except for personal files, on their workstations.
A large percentage of data theft is due to computer theft. Laptop computers are the biggest risk, so limit the number of laptop users to a minimum. Laptops are easy prey for data thieves and can be stolen from just about anywhere since, typically, they are taken home. Don't think that a secure password on a laptop will prevent data loss if the laptop is stolen – it is very easy to bypass the password with the right tools. Laptops can also be secured to the desk by means of a cable or chain while at the office.
USB sticks (flash drives) should be prohibited as these facilitate data theft.
Servers should be kept is a secure environment where only certain personnel have access. A solid brick room with a “strong room” type door is recommended.
Network Security Password Policy
An integral part of good computer network security, is a strict password policy. When implementing a password policy consider the following:
Passwords should include non alphanumeric characters, such as - @#$
Passwords should not be dictionary words. They should be completely random in their composition. Family names, pet names and so on, are definitely out. Automatic password generators can be implemented to avoid staff thinking up easy to hack passwords.
Passwords should expire, the shorter the expiry time the better.
Users should not be allowed to use the same password twice within a given period of time.
A minimum acceptable length of a password should also be set. The longer the password the harder it is to crack.
With careful planning and attention to detail, it is possible to implement good network security solutions and eliminate the worry of theft and malicious damage.
More Articles That May be of Interest to the Reader:
How to Implement a Network Security Solution
IT Project Management and Classes
Project Management Implementation Preparation
 |
 |
 |
 |
 |
