Jones IT | Managed IT Services, IT Support, IT Consulting

View Original

The Ultimate Network Security Checklist

In this post, we share with you a network security checklist of action items and security best practices that illustrate how you can secure your business network against the common computer network-related cyberattacks and mitigate the risks associated with modern business networks.

Why IS Network Security Important?

Your IT network is the gateway to your company’s IT infrastructure. Anyone who has access to your network or WiFi also has access to your entire infrastructure. Computer networks can be hacked in a number of ways by using scripts or network software. You might be surprised to know that many pre-packaged hacking scripts and programs are available online for amateur hackers.

Advanced hackers may use a number of techniques including worms, distributed denial of service (DDoS), and most commonly establishing unauthorized remote access to devices. According to Verizon’s 2019 Data BreachInvestigations Report, 43% of data breach victims were small businesses.

Therefore, protecting your company’s IT assets against malware, phishing, trojans, and unauthorized remote access is a full-time job in itself. Protecting your IT infrastructure from cyberattacks is critical for the sustainability of your business because 60% of small businesses that suffer from a cyberattack go out of business within 6 months.

Network Security Checklist

Even though unprotected networks are highly susceptible to cyberattacks, businesses rarely conduct Network Security Audits. Therefore, we are sharing with you this network security checklist along with security best practices that will help secure your computer network. The checklist as a spreadsheet is available at the end of this blog post.


1. Firewall

A firewall is a security system for computer networks. Firewalls monitor and control the network traffic- incoming and outgoing, based on security rules set by you. In simple terms, a firewall is a filter between your internal network and the external network such as the internet. Here are the firewall-related checklist items:

  • You have a firewall in place to protect your internal network against unauthorized access.

  • The password for your firewall device has been changed from the default to a strong one.

  • Your default posture on all access lists, inbound as well as outbound, is “Deny All”.

  • Every rule on the firewall is documented and approved by an authorized individual.

  • Every alert is promptly logged and investigated.

  • You use only secure routing protocols, which use authentication.

  • You promptly disable any permissive firewall rules that are no longer required.

2. Secure Network Devices

Your network security is only as strong as the weakest link. This means you need to ensure all the devices that have access to your network, including servers, desktops, and mobile devices are secure. Here are the best practices for securing your network devices:

  • Purchase your network equipment only from authorized resellers.

  • Download firmware, updates, patches, and upgrades only from validated sources.

  • Ensure that all devices on your network are using WPA2 (Wi-Fi Protected Access II).

  • To maintain consistency and for ease of management, use standard configuration for each type of device.

  • Maintain a list of all your network hardware- include the device name, type, location, serial number, service tag, etc.

  • Disable those ports that are not assigned to specific devices.

  • Use physical or virtual separation that allows network administrators to isolate critical devices onto network segments.

  • Turn off all unnecessary services on routers and switches.

  • Regulate physical access to routers and switches.

  • Implement a robust password policy that ensures the use of strong password encryption.

  • If you are using SNMP (Simple Network Management Protocol), use SNMPv3. Do not use SNMPv1 and v2 as they are vulnerable to IP spoofing attacks.

  • Ensure that you use only OOB (out-of-band) for sending management traffic to devices.

3. Software Patch Management

A software patch is a set of changes that are applied to a computer program to update, fix security vulnerabilities, or to improve the functionality, usability or performance. Patches are also called bug fixes and are released by the software provider. Software patch management is the process of using a strategy to ensure that patches are applied to systems in a planned manner and at specified times.

If you ever feel that you can ignore patches, remember that when the WannaCry ransomware attack hit, Microsoft had already released a patch to safeguard Windows against such attacks. The companies that hadn’t updated their network software with this patch got infected and had to pay a heavy price.

Here are the patch management checklist items:

  • Use only licensed and supported software to ensure that vulnerabilities are investigated and patches made available.

  • Software updates and security patches must be installed as soon as they are available.

  • Unsupported software should be removed from devices capable of connecting to the internet.

  • Use a patch management solution. If you hire a Managed IT Services Provider, they usually offer patch management solution to fit your business requirements.

4. Malware Protection

Malware is a widespread menace and persistent threat to businesses. Malware spreads in three common ways:

4.1 Phishing emails

Attackers usually pose as a legitimate individual or representative of an institution and lure users into downloading attachments that turn out to be malware.

4.2 Malicious websites

Attackers often set up websites that contain scripts designed to find vulnerabilities in the device of the site visitors. The attackers then use these vulnerabilities to force malware onto the visitor’s system. Sometimes the malware is disguised to appear as legitimate software available for downloads.

4.3 Malvertising

Malvertising is malicious online advertising that contains scripts designed to download malware on your computer. Such ads can be inserted into legitimate and reputable websites and therefore have the potential to reach a large number of users. The scary thing about this form of phishing is that the site visitor’s computer can be infected without even clicking on the ad.

Here are the action items for safeguarding your network against malware:

  • Anti-malware software should be installed on all computers and mobile devices

  • The anti-malware software must be kept up-to-date

  • Configure the anti-malware software to scan files and web pages automatically and block malicious content

  • Ensure that the software is configured to perform regular scans

5. User Account Management

Your users are probably the weakest link in your network security chain. Preventing cyber attacks is always better than dealing with viruses, malware infections or ransomware. Therefore, give your users the tools and training to keep them up-to-date. In addition, have checks and balances in your processes to limit damage in case of a cybersecurity breach.

  • Create a unique user account and username for each individual

  • Implement robust password policy to ensure all users have strong passwords

  • Implement 2FA (Two-Factor Authentication)

  • All user accounts and their privileges must be documented and approved by an authorized individual

  • Admin accounts should be used only for performing admin tasks

  • User accounts, especially those with admin accounts must be removed when no longer required.

  • Use only one approved remote access method to maintain consistency.

  • Give remote access only to authorized users. Give unique credentials to each user instead of using a common account.

  • Use virtual private networks (VPNs) for remote access to secure your device and connection when using public networks.

  • Set up a guest WiFi, which is segregated from your internal network, for visitors and employee-owned devices.

  • Educate your employees about cybersecurity risks and attacks they are vulnerable. Teach them how to identify phishing and the steps they need to take if infected.


6. Email and Internet Access

The internet and emails are the primary sources of cyberattacks on your network. As such they are a double-edged sword. On one hand, they are necessary for performing work, and on the other hand, they are the most prominent source of cyberattacks. A clearly defined policy for the proper use of email and the internet will help you safeguard your company’s IT network.

  • Use mail filters to protect against spam, malware, and phishing.

  • Configure your devices to reject any directory harvesting attempts.

  • Use an email filtering solution to filter both inbound and outbound messages. This will protect your users as well as your customers.

  • Ensure that your anti-malware software scans all content including streaming media.

  • Implement an Internet monitoring solution to provide your users with secure Internet access.

  • Block any outbound traffic that can potentially be used to go around your Internet monitoring solution.


7. IT Policy

Cybersecurity and network security start with your IT policy. A robust IT policy defines your company’s strategies regarding the roles of your employees, tools available to them, use cases, data security, IT security, and governance. Clearly defined policies empower employees as well as hold them accountable. This should serve as a reference and guide whenever there is any doubt about and part of IT operations and management.

  • Perform penetration tests to identify vulnerabilities.

  • Use phishing audits to test the preparedness of your users against phishing attacks.

  • Make encryption mandatory for all mobile devices that leave your office premises.

  • Perform vulnerability scans on random samples of your workstations to check if they are up-to-date.

  • Backup all data, which is critical for your business, regularly.

  • Perform test restores to verify that your backups work properly.

  • Disable Wireless Protected Setup (WPS) on all wireless devices.

  • Disable the Universal Plug n Play (UPnP) option.

  • If you have a BYOD (Bring Your Own Device) policy, ensure that you use an MDM (Mobile Device Management) solution.

  • When granting permission to file share, the default must be “read-only”. Restrict “full control” to admin accounts.

  • Establish procedures for onboarding and off-boarding employees.


How to use this network security checklist

Network infrastructure devices are typical targets for cyberattackers because once installed, many network devices such as routers, switches, firewalls, etc. are not maintained at the same security level as your desktops and mobile devices.

There are a lot of things you need to do to ensure that your network is secure from a variety of cyberattacks. It is a daunting task but this is something that should be your priority and is definitely worth investing in. You can use this checklist to jump-start your network security strategy.

The intent of this checklist is to provide tips and guidance in the areas of your IT infrastructure you should focus on to secure your business network. Once implemented, you’ll be well on your way to maintaining a safe and secure network. It is, of course, impossible to make a modern business network 100% secure.

The evolving technology brings with it improvements in functionalities and efficiency but also brings new security challenges. Therefore, you will need to revisit this network security checklist regularly to keep it up-to-date with the latest network security challenges and mitigation steps. Conducting Network Security Audits is a good way to keep your checklist updated. In any case, by using this checklist, you will be able to mitigate an overwhelming majority of the network security risks your business is likely to face.

As promised, you can access the network security checklist spreadsheet here: The Ultimate Network Security Checklist.


If you liked the blog, please share it with your friends

See this content in the original post