How can a business prioritise network security when faced with other day-to-day pressures? For many, it’s a careful balancing act of managing existing network solutions while considering the implementation of modern, consolidated security platforms in a more complex, hybrid world of work. It’s an organisational challenge that requires security practices that make sense for your IT infrastructure. “With people working from everywhere, a lot of things have changed,” says Charnie-Lee Adams-Kruger, the country manager for Check Point South Africa. “From being able to use your own devices to do whatever you need to on third-party platforms, it’s become more and more important for people to become security-aware.”
For Adams-Kruger, this is why it’s never been more important to follow key network security best practices. “Regardless of the size of the industry, every business needs to secure their network from cybersecurity attacks. The security landscape is continually evolving with threat actors using sophisticated technologies to compromise corporate networks,” she says. While the cybersecurity requirements may differ from company to company, Adams-Kruger believes that a change from detection to prevention is the first step. “Because once malware is in your organisation, it’s already too late.”
The security landscape is continually evolving with threat actors using sophisticated technologies to compromise corporate networks.
Charnie-Lee Adams-Kruger, Check Point South Africa
Yesh Surjoodeen, HP’s Southern African regional director, says that because cybersecurity spend is set to increase by an average of 13.2% in 2023, budgets will be under scrutiny to focus only on the most pressing cybersecurity needs. “The onus for cybersecurity this year is on intentional spending,” he says. “With a wide range of security issues to address, businesses need to understand which areas expose the company to the most risk, know what is most likely to be targeted and how much one can afford to invest in cyber defence.”
Secure by default
It’s not only about using the right security software. Adams-Kruger says that a critical part of network security best practice is for organisations to consolidate their security solutions to improve the visibility of the attack surface. “This will provide a better opportunity to secure everything from the networks, the endpoints, the cloud and mobile,” she says. “Also, a zero-trust model must be implemented.”
With a wide range of security issues to address, businesses need to understand which areas expose the company to the most risk, know what is most likely to be targeted and how much one can afford to invest in cyber defence.
Yesh Surjoodeen, HP
Because today’s hybrid work environment is no longer governed by fixed parameters, Adams-Kruger sees zero trust as a mindset change: “We need to move beyond binary security models focussed on letting good guys in and keeping the bad guys out. For zero trust to work effectively, organisations must determine how to give users the access they need to do their jobs without compromising the security.”
Security policies and methodologies are one of the ways a business can realistically determine access and, at the same time, prevent cyber threats. “Organisations need to start asking the right questions about how devices are designed with security and resilience in mind, considering all aspects down to hardware and firmware,” says Surjoodeen. He adds that companies should consider how their endpoint infrastructure is being protected.
Adams-Kruger warns that restrictive policies can inhibit system usability and employee productivity. This is why she believes a policy should not only be well-defined but dynamic, allowing organisations to adapt to change while remaining secure. A poorly-designed or ill-suited policy can create gaps that attackers can exploit, gaining network access and possibly expanding the footprint of a network.”
By understanding and implementing fundamental network security concepts, businesses will be able to take the first step in ensuring the safety and security of their organisation.
Five tips that lower cyber risk
“The process of securing your network security systems against attacks is tedious at worst, and incredibly simple at best,” says HP’s Yesh Surjoodeen. “Organisations need to take a targeted approach to security. Most breaches start at the endpoint, so by building in protection to these devices, enterprises can reduce the burden on security teams.”
- Changing the default name and password of your network
This is the easiest change to implement in preventing hacking risks. Your SSID (Service Set Identifier) and password should be unique and longer than the default phrase. Steer clear of anything obvious, or including any personal information.
- Turn on network encryption
This will mask any data sent between your wireless channel and your device, adding an extra layer of protection should anyone be eavesdropping on your network.
- Turn on your router firewall
An effective firewall helps to prevent unwanted traffic from entering or leaving your wireless network without your knowledge. Most routers come with excellent hardware-based firewall options; it’s a matter of manually enabling the option.
- Ensuring your router's firmware is up to date
Your router’s firmware is an important piece of the secure network connection puzzle. Install the latest version, and this should help improve your network’s security strength.
- Disable remote access
Most routers allow remote access, and while this may be convenient, it opens your network to security threats.
* Article first published on brainstorm.itweb.co.za
Share