7 Best Practices for Network Security

Too many small business owners think that threat intelligence, Zero Trust protocols, and network security impact only global corporations. But no matter how small your business, you need to give cybersecurity your time and attention.

While many of today’s much-hyped security solutions may be beyond your budget, most of the best practices for maintaining network security — tactics and tools that protect your customer and financial data, intellectual property, and office systems — are affordable and practicable.

7 vital best practices for network security

Hacker-proof passwords
Spam filters and anti-virus software
Multi-factor authentication
Mobile device management
Updated software
Ongoing employee training
Backup and a recovery plan

1. Create hacker-proof passwords

While it’s doubtful anyone is still using “password” as their password, it’s a good bet you’re still using some version of your birthday, address, or college mascot.

So, how do you create an effective password?

The lowest level of protection requires using a mix of upper- and lowercase letters, symbols, and numbers — none of which are related to your birthday, address, or other identity markers — and to change your passwords at least once a quarter. But the best passwords are long, indecipherable character chains that spell nothing and are definitely not memorable.

Password managers are simple applications you install on your computer that generate and store your passwords.

Each time you set up a new account, you use the password manager to generate a new secure password, which you copy and paste into the account setup. All your accounts can have unique secure passwords, and you need to remember only one password, which is the password you set up on your password manager application.

Password managers start around $35/year per user. Some offer a business plan, which can reduce the per-user cost.

2. Use spam filters and antivirus software

Using spam/anti-malware filters and antivirus software should top your network security checklist if you want to prevent cyberattacks.

Businesses often deploy spam filters and anti-malware filters on their email gateways as the first line of defense against phishing attacks. Spam filters block traffic at the source by using global threat dictionaries that list known malware signatures. If a known signature is detected as an attachment in an email, then the threat is blocked transparently from the user’s perspective.

Additionally, you should install antivirus software on every host in a Windows-based system. Antivirus software is updated daily to reflect thousands of new cyber threats. You’ll need to install the software on every device connected to the network; when it detects a malicious file, it simply deletes it.

3. Use multi-factor authentication

One of the top cybersecurity practices for small businesses is to implement multi-factor authentication (MFA). Multi-factor authentication requires a password and another identifier, such as a PIN, a thumbprint, or a code. If you’ve used online banking, you’re probably familiar with this system.

If your password was stolen or revealed in a data breach and an attacker tries to use it to gain access to your network, multi-factor authentication would prevent that attacker from being successful. These solutions are often free with other software you’re already using (such as Microsoft Office 365).

4. Practice mobile device management (MDM)

Mobile device management is similar to endpoint security — it refers to securing devices connected to your network. However, MDM is specific to mobile devices such as phones and tablets, where endpoint security includes computer workstations, printers, scanners, and other office equipment.

Mobile device management determines which devices can access the network and enforces the security policies. It manages encryption, monitors for security and regulatory compliance, and remotely wipes lost or stolen devices.

5. Keep software updated

This is an easy step, and one for which you’ll receive automated reminders if you confirm the auto-update feature in settings. Software vendors issue “patches” that amend software code to protect against new threats as they are discovered.

Regularly remind employees to restart their computers once a week, to ensure they download the latest security patches available for the software on their laptops and workstations.

6. Train employees regularly

No matter how thorough your computers’ network security, your network security plan is only as effective as your employees’ awareness and cyber hygiene. Security awareness training has risen in popularity because 98% of cyber attacks rely on social engineering — phishing emails opened by unsuspecting employees — as their entry point into a network.

The goal of security training is to inform and educate employees on how to identify common attacks used by threat actors. Training is just as important to companies with a handful of employees as it is for a large enterprise’s corporate network security.

For example, sending regular phishing email campaigns to unsuspecting employees, is an effective way to test their understanding of current scams used by threat actors. If a user falls victim to this test, additional training can be assigned.

You may be surprised how many employees can’t identify a phishing scam or won’t update passwords regularly. Don’t take anything for granted; be sure to regularly require cybersecurity training to keep employees aware and vigilant.

Key reminders should include:

Review of your cybersecurity policy
Only use work email for work communications: When an employee signs up for a third-party service with a company email and that service gets breached, it can mean trouble for your network.
How to spot phishing emails: Communicate the latest bogus emails through your company newsletter or intranet between training sessions.
Don’t overshare on social media. If a scammer has your pet’s name, school name, family member names, and birthday, they may gain insight into your security questions and be able to impersonate you.
Don’t auto-forward work emails to your personal email address when you’re out of the office, and don’t use an automated “out of office” email reply.
How to respond to ransomware attacks (immediately disconnecting from the internet and intranet)
How to respond to a computer virus (don’t back up files until the virus has been removed)

7. Backup regularly and plan for recovery

Back up everything. Bonus points if you learn how to retrieve the backup when disaster strikes.

Data can be compromised for any number of reasons — a ransomware attack, disgruntled employee, or hardware failure. You should back up data and system configuration daily and have multiple backups, both on-site and off.

Although a critical component of your network security plan, backing up data doesn’t have to be expensive or complex. For smaller companies, you can buy an external hard disk drive with 2 terabytes of space for $59 on Amazon.

Additionally, most computers (and phones) come with software that can perform backup and recovery, which might include a small monthly fee depending on how much space you need. There also are many local and cloud backup solutions.

Secure all your entry points

The most important thing to remember is that good cyber hygiene takes time to do well, and it can only be achieved when you secure your people, processes, and technologies.

As with many other challenges around security, it may be worth the investment of hiring an outside consultant to evaluate your system and assets, then make recommendations regarding what you need to protect, and how to do it.

Too many small business owners think that threat intelligence, Zero Trust protocols, and network security impact only global corporations. But no matter how small your business, you need to give cybersecurity your time and attention.

While many of today’s much-hyped security solutions may be beyond your budget, most of the best practices for maintaining network security — tactics and tools that protect your customer and financial data, intellectual property, and office systems — are affordable and practicable.

7 vital best practices for network security

Hacker-proof passwords

Spam filters and anti-virus software

Multi-factor authentication

Mobile device management

Updated software

Ongoing employee training

Backup and a recovery plan

1. Create hacker-proof passwords

While it’s doubtful anyone is still using “password” as their password, it’s a good bet you’re still using some version of your birthday, address, or college mascot.

So, how do you create an effective password?

Password managers are simple applications you install on your computer that generate and store your passwords.

Password managers start around $35/year per user. Some offer a business plan, which can reduce the per-user cost.

2. Use spam filters and antivirus software

Using spam/anti-malware filters and antivirus software should top your network security checklist if you want to prevent cyberattacks.

3. Use multi-factor authentication

4. Practice mobile device management (MDM)

Mobile device management is similar to endpoint security — it refers to securing devices connected to your network. However, MDM is specific to mobile devices such as phones and tablets, where endpoint security includes computer workstations, printers, scanners, and other office equipment.

Mobile device management determines which devices can access the network and enforces the security policies. It manages encryption, monitors for security and regulatory compliance, and remotely wipes lost or stolen devices.

5. Keep software updated

This is an easy step, and one for which you’ll receive automated reminders if you confirm the auto-update feature in settings. Software vendors issue “patches” that amend software code to protect against new threats as they are discovered.

Regularly remind employees to restart their computers once a week, to ensure they download the latest security patches available for the software on their laptops and workstations.

6. Train employees regularly

The goal of security training is to inform and educate employees on how to identify common attacks used by threat actors. Training is just as important to companies with a handful of employees as it is for a large enterprise’s corporate network security.

For example, sending regular phishing email campaigns to unsuspecting employees, is an effective way to test their understanding of current scams used by threat actors. If a user falls victim to this test, additional training can be assigned.

You may be surprised how many employees can’t identify a phishing scam or won’t update passwords regularly. Don’t take anything for granted; be sure to regularly require cybersecurity training to keep employees aware and vigilant.

Key reminders should include:

Review of your cybersecurity policy

Only use work email for work communications: When an employee signs up for a third-party service with a company email and that service gets breached, it can mean trouble for your network.

How to spot phishing emails: Communicate the latest bogus emails through your company newsletter or intranet between training sessions.

Don’t overshare on social media. If a scammer has your pet’s name, school name, family member names, and birthday, they may gain insight into your security questions and be able to impersonate you.

Don’t auto-forward work emails to your personal email address when you’re out of the office, and don’t use an automated “out of office” email reply.

How to respond to ransomware attacks (immediately disconnecting from the internet and intranet)

How to respond to a computer virus (don’t back up files until the virus has been removed)

7. Backup regularly and plan for recovery

Back up everything. Bonus points if you learn how to retrieve the backup when disaster strikes.

Data can be compromised for any number of reasons — a ransomware attack, disgruntled employee, or hardware failure. You should back up data and system configuration daily and have multiple backups, both on-site and off.

Although a critical component of your network security plan, backing up data doesn’t have to be expensive or complex. For smaller companies, you can buy an external hard disk drive with 2 terabytes of space for $59 on Amazon.

Additionally, most computers (and phones) come with software that can perform backup and recovery, which might include a small monthly fee depending on how much space you need. There also are many local and cloud backup solutions.

Secure all your entry points

The most important thing to remember is that good cyber hygiene takes time to do well, and it can only be achieved when you secure your people, processes, and technologies.

As with many other challenges around security, it may be worth the investment of hiring an outside consultant to evaluate your system and assets, then make recommendations regarding what you need to protect, and how to do it.

Cloud Computing Can Save Your Company Money

Adding Value to Business