With data breaches and ransomware in the news every day, it’s no surprise that over 177 million personal records were exposed in 2015, according to the Identity Theft Resource Center. While IT teams are already overwhelmingly tasked with ensuring perfect availability and performance of IT networks and infrastructure, now they must also secure their networks from cybercrime to protect their company’s data, reputation and business. Safeguarding your company from cybercrime is no small feat but the consequences of failing to do so are severe – the average cost of a data breach is around $4 million, according IBM.
We get it. You’re busy, your users are busy, but waiting until your network is under attack to engage in IT security best practices is a risky mistake. In the midst of a cyberattack, your IT security precautions and protocols will suddenly become important – take for example how cities on fault lines set up emergency protocols after a devastating natural event. The good news is that IT teams can take a step in the right direction by incorporating proactive security best practices in their everyday tasks. Let’s look at three ways IT teams can keep their networks safe in an increasingly unsafe world:
- Evolve your IT security as your technology evolves
Enterprise IT has become increasingly complex with new waves of technology constantly emerging, such as cloud, Internet of Things (IoT) and Bring Your Own Device (BYOD). Cisco predicts that the global IoT market will reach $14.4 trillion by 2022 and cloud applications will account for 90% of worldwide mobile data traffic by 2019. While these advances has brought greater efficiency to businesses, they also increase the chance of hackers breaking perimeter security controls – making it harder for IT teams to secure their network. As your technology evolves, be sure to evolve your IT infrastructure along the way. Not having a well thought out plan to update your network as you adopt new technologies will permanently put your IT and network managers in a reactive position. Security controls should be applied continuously to identify threats before they can cause any damage.
- Be on the lookout for any unusual activity on your network
Monitor your network for any IP addresses that originate from unexpected locations or from areas that have a history of malicious activity and flag any unusual or unexpected protocols for firewall ports. Geolocation, or Geo-IP-location, can be a helpful resource, as the technology instantly provides you with the geographical location of any IP address. By mapping the sources of security risks and/or events, IT departments can gain more insight into where threats are coming from. This can help detect or prevent data breaches, and also mitigate damage in the event of an attack. Think about it: If you can determine that the majority of traffic is coming from one specific geographical region during a DDoS attack, for instance, your IT department could temporarily implement a network access control list (ACL) that blocks that traffic.
- Implement a network monitoring solution
Without end-to-end visibility into your IT security and network, you’re essentially working blind. A flexible and comprehensive network monitoring solution will allow you to analyze network flow or traffic patterns, making it easy to spot any major deviations from your network traffic baseline – a potential indicator for an attack on your network. Instead of constantly fighting fires and network outages, keep the network running smoothly on a consistent, 24/7 basis with network monitoring and regular network maintenance. Taking a proactive and strategic approach will lead to a secure network that has zero downtime and great career success.
Don’t let your company become the next data breach headline. Secure your network by evolving your IT security as your technology evolves, looking out for any unusual activity on your network and implementing an “all-in-one” network monitoring solution. It might mean extra work now, but these few IT security tips will save you lots of headaches and potentially your job down the road.
[su_box title=”About Nirav Shah” style=”noise” box_color=”#336588″][short_info id=’76411′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.