Make Your Company's Network a Less Inviting Target
The problem is that it's almost impossible to build an impregnable
network that's also attached to the Internet. The only way to be
certain it can't be breached is to disconnect the Internet, put your
servers in a vault and station a squad of Marines around it. And that
will only work if one of the hackers isn't also one of the Marines.
And that's one of the basic problems that lead to data breaches. You
can't always trust your employees. Employees have nasty habits of
writing down their passwords, making copies of sensitive data so they
don't have to deal with the encryption software, and attaching unprotected
WiFi APs to your network so they don't have to deal with that annoying
Ethernet cable. And sometimes the employees are working with the
attackers to breach your defenses, as happened with the WikiLeaks case
last year.
So what do you do? The bottom line is that you need to invest wisely in security. This means that you get the firewalls that you actually need and you pay to train the person who has to configure and run the device. You encrypt your data; you take steps to limit access to data to specific people; you track what they do; and you set your rules on internal and external firewalls to prevent the movement of such data.
But most important, you have to be willing to invest in your staff.
This means you don't just give your IT people a shiny new firewall
and tell them to implement it; you need to pay for training and
probably for ongoing support so that the security hardware, software
and procedures in your company stay up-to-date.
You also have to realize that no security system is perfect. But if you
make it hard enough to break in, then the hackers will attack some
other company. If you also make sure that you have nothing that they
can breach easily, you will decrease the interest in an attack on your
company. But it takes constant training and constant vigilance.
In a way, the best news to come out of the arrests of Anonymous and
LulzSec would be if they have prompted your company to pay closer attention to
network security. Being lulled into a sense of complacency is perhaps
the best way to help the people who would attack your network. Staying
on top of your security will help ensure that you're not an inviting
target for the next attack.









