4. Segment by trust and security. We're still seeing a lot of companies operating under the old model of network security. Put simply, they put a hard crunchy shell on the outside of their network while keeping a soft, chewy interior. In this scenario, network access policies apply to all users, regardless of department or level of trust. But we all know different departments require customised levels of access and protection depending on their role within the organisation. To follow our analogy further, today's business requires multiple layers of hard crunchy shells throughout multiple segments of your network. In other words, businesses need to set thoughtful, strategic governance and access policies to protect privileged information while allowing full access to other information. For example, this will help make sure payroll information is accessible by accounts payable, but not by the sales team.
5. Treat your wireless network the same as your wired network. More and more companies are incorporating bring-your-own-device (BYOD) policies in order to benefit from a mobile workforce and enhance productivity. Companies usually adopt complicated procedures to manage security on the various devices their employees want to use, but these limited security measures are only effective within a virtual private network (VPN) or hard-wire connection. This approach leaves mobile devices vulnerable to intrusion, viruses, and malware when connected to a wireless network. With threats on the rise and growing amounts of corporate data stored on workers' personal devices, it is more critical than ever that steps be taken to thoroughly secure wireless infrastructure.
Most of the above tips are readily available to companies today using the tools they have already invested in, but not all IT departments have built these steps into their security strategy. With careful planning and an emphasis on proactively defending the corporate network, companies of any size can mitigate risks and weaknesses in their networks.
Scott Robertson is Vice President Asia Pacific, WatchGuard Technologies.
Sign up for Computerworld eNewsletters.