Security measures for your corporate network
Nowadays, more and more corporate devices and systems are connected via the Internet to exchange information with each other. The “Internet of things” is becoming an increasingly large and almost tangible matter. This includes, among other things, business applications, cloud infrastructures and data storage. Together they shape the corporate network of an organization. As more devices communicate with each other via networks, we have become dependent on the availability of corporate networks. If a component or system suddenly becomes unavailable, this often has an impact on daily business operations.
In an era of digitization, most business activities take place via the corporate network. This increasing digitization means hackers have more to gain. Organizations not only make financial transactions via the company network, but also store all confidential customer and company data on it. This may include personal data, but also the credit card details of customers.
A poorly secured or unsecured network entails risks. According to the cyber security company Malwarebytes, the number of cyber-attacks on corporate networks has increased sharply in recent years. In the first 3 months of 2019, this number increased by 235% compared to the same period in 2018. A total of 9,552,414 attacks were detected by Malwarebytes. On the other hand, the number of attacks on consumers dropped, because hackers have less to gain from consumers (nu.nl, 2019).
Cyber-attacks appear in various shapes and sizes. These attacks can be aimed at the corporate network, hardware and software. For example, they can affect the availability or performance of the network, but they may also involve espionage, information theft and even information destruction. These attacks can have major consequences for companies because they can disrupt daily operations. They can, for example, cause financial damage through the theft of financial resources, production disruptions, reputation damage and the loss of customers and income.
Companies are becoming increasingly aware that proper security of the corporate network is a crucial factor in order to be able to guarantee safe and continuous operations.
Data centers ensure, among other things, a stable and conditioned environment for the hardware through various protection measures such as climate control, constant power supply and fire protection. Data centers must also maintain a series of policies, precautions and physical security measures to prevent unauthorized access to the equipment (and the applications running on it) within a data center. Read more about colocation security in our previous article.
However, with colocation, organizations manage all the different facets that take place within the hardware and the corporate network by themselves. As a colocation customer, it is therefore very important to take measures yourself to protect all data running on the hardware and the corporate network in order to guarantee availability, integrity, confidentiality and capacity of the network.
What is network security?
Network security includes all measures designed to protect the availability, integrity and confidentiality of a network. These measures are aimed at controlling the risks regarding all communication through networks. This includes solutions that are both hardware and software related. Network security is a combination of multiple layers of defense around and in the network. Each layer implements different policies and controls so that only authorized users gain access to the network, and malicious parties are denied access. Those multiple components work together to ensure the most secure network environment possible.
What measures can you take?
There are various measures you can take to protect your company data:
1: Create a policy
Securing a network simply starts with the formulation of a policy on network security. After all, rules must first be drawn up describing what is and what is not permitted by mapping out where possible threats are coming from. A policy defines the cyber threats against which security measures must be taken. It is important to continuously monitor compliance in accordance with the policy and to recognize the issues that still need improvement.
2: Install anti-malware & virus software
Malware is short for malicious software. Malware includes viruses, worms, Trojans, ransomware, and spyware. Malware invades a network through an exploit. This is a piece of software that abuses a bug and thereby endangers the recipient’s software or hardware. The exploit can be distributed via websites, advertisement pop-ups, an attachment in an e-mail or (free) software downloads. Nowadays, malware can also penetrate mobile devices through the download of apps. Because mobile devices are often connected to the corporate network, malware can also enter the network in this way.
Malware infects a network in order to collect sensitive information and make it available to third parties, to take systems down, to hold servers hostage or to move financial resources. Good antivirus programs not only scan for malware upon arrival, but also continuously monitor files to find deviations, remove malware and repair damaged files. It is also important to continuously update the corporate software and the software on the servers in order to ensure the systems remain protected.
3: Use firewalls
A firewall forms a barrier between the trusted internal network and external non-trusted networks. A firewall is an effective first line of defense for access to a network. It focuses on various threats and prevents them from entering or spreading into a network. A firewall protects everything that is “behind” it against everything that is “in front” of it. Usually the “front” of the firewall is the side facing the internet and the “back” is the internal network. A firewall acts as a gatekeeper and determines which packets can continue and which cannot.
4: Anti-DDoS solutions
DDoS stands for Distributed Denial of Service. The purpose of a DDoS attack is to make a server, service or infrastructure inaccessible by sending a large volume of traffic to a server. This overloads the server, so that it is slow to respond to legitimate traffic or cannot be reached at all. An anti-DDoS solution can detect and block DDoS attacks so that a server remains accessible.
DDoS attacks are becoming increasingly popular. According to NBIP, a joint venture between internet providers, the number of DDoS attacks has risen sharply in recent years. In 2018 this number grew by 15% compared to the year before. ING and ABN AMRO, for example, fell victim to DDoS attacks several times. The servers became overloaded, which meant that customers could not use online banking for a while. Not only consumers, but also web shops and other online service providers were affected.
There are various parties on the market that offer anti-DDoS solutions. Read more about i3D.net’s unique Anti-DDoS solution.
5: Use Intrusion Detection Systems & Intrusion Prevention Systems
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are automated systems that can detect unauthorized access to network equipment (such as modems, routers and switches). IDS and IPS are sometimes confused with firewalls. The biggest difference between a firewall and an IDS or IPS is that the firewall filters and blocks traffic, while an IDS and IPS can check the contents of a data packet. An IDS is a passive system that inspects the data packets that pass through the network and can trigger an alarm when it detects suspicious activity. An IPS, on the other hand, is active and can immediately block external attacks.
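The division of labour described above, as an added example that is not part of the original article: a firewall that decides on packet headers only, followed by payload inspection that either alerts (IDS) or drops (IPS). The addresses, ports, signature and all function names are constructed for this illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    payload: bytes

# Constructed policy values (assumptions for this example).
ALLOWED_PORTS = {443, 25}
BLOCKED_SOURCES = {"203.0.113.9"}
SIGNATURES = {b"EXAMPLE-MALWARE-MARKER": "constructed test signature"}

def firewall(pkt):
    """Header-only decision: never looks at pkt.payload."""
    return pkt.src not in BLOCKED_SOURCES and pkt.dst_port in ALLOWED_PORTS

def match_signature(pkt):
    """Content inspection: return the signature name found in the payload, or None."""
    for sig, name in SIGNATURES.items():
        if sig in pkt.payload:
            return name
    return None

def process(packets, mode):
    """Run packets through the firewall, then an IDS or IPS. Returns (delivered, alerts)."""
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    delivered, alerts = [], []
    for pkt in packets:
        if not firewall(pkt):
            continue                      # filtered on headers alone
        hit = match_signature(pkt)
        if hit:
            alerts.append((pkt.src, hit)) # both IDS and IPS raise an alarm
            if mode == "ips":
                continue                  # only the active system blocks the packet
        delivered.append(pkt)
    return delivered, alerts

# Constructed sample traffic.
SAMPLE = [
    Packet("198.51.100.7", 443, b"GET /index.html"),
    Packet("203.0.113.9", 443, b"GET /index.html"),          # blocked source
    Packet("198.51.100.7", 23, b"login"),                     # closed port
    Packet("198.51.100.8", 25, b"attachment: EXAMPLE-MALWARE-MARKER"),
]

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        delivered, alerts = process(SAMPLE, mode)
        print(mode, "delivered:", len(delivered), "alerts:", alerts)
```

The last sample packet passes the firewall because its headers are acceptable; only the content inspection notices it, and only the IPS mode keeps it from being delivered.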
VPN stands for Virtual Private Network. This is a network connection that is protected by encryption. Via a secure VPN connection, external computers can connect to a local network, such as a corporate network. Data traffic can be sent via this network to an external server via an encrypted, secure connection. The data is then sent back to the internet via this server. This allows a secure connection to the corporate network from a distance.
Keep paying attention
Preventing cyber-attacks and threats starts with creating awareness. The organization must first identify the dangers that are lurking and then inform all employees about the protocols. Securing a company network involves multiple layers. It is important to use multiple solutions on different layers, so that if one of the layers fails, other layers still offer protection. In short, combining different scalable solutions will lead to the safest possible result. But don’t forget, cyber criminals will keep coming up with new attack methods that will have to be responded to! The solutions for protecting your network against new threats are therefore constantly evolving. It is therefore important to keep paying attention to the security of your network.