STL Business Journal talks Security with Parameter

How to: Secure your company network
Take steps to defend your data from within and without

Source: St. Louis Business Journal

By: Diana Barr

Date: February 25, 2011

Securing your company network calls for allowing legitimate access, keeping vital data safe and complying with regulations.

Dave Chronister is an “ethical hacker,” as well as co-founder and chief technology officer for Parameter Security, which identifies clients’ network security weaknesses. Passwords are the weakest link in an attack, Chronister said. “A password over 10 characters is good, and remember that the space is a very secure character,” he said. Don’t use the same password on every system or site. “We say to use pass phrases, such as ‘Mary had a little lamb,’ ” or song lyrics that are easily remembered, Chronister said.

Besides bad password protocol, “most attacks happen because there are vulnerabilities in your software,” Chronister said. Download updates and patches as soon as they’re issued, and keep your antivirus programs up to date. He suggests using different antivirus companies for your network and your desktop for broader coverage.

“Users are your biggest liability, but if trained correctly they can be one of your biggest security assets,” he said. So train all employees on security awareness to avoid problems such as phishing e-mails or malicious Facebook applications.

Before Dan Abel Jr. became vice president of his family’s candy company, Chocolate Chocolate Chocolate Co., he worked for a computer company and had built many a server. “I was obsessed with security,” he said. Abel suggests that even a small business have its own server in house and use an online backup service. The company uses integrated software to handle everything from raw material inventory to sales and accounting.

“Use a secure VPN (virtual private network) to connect your server” to remote locations, Abel said. Chocolate Chocolate Chocolate store personnel have password-protected access to a secure intranet for in-house information. Your company’s online shopping sites should be hosted on encrypted platforms, he said, as the candy company’s are.

Abel recommends using Internet-based e-mail that’s hosted off site and setting your spam filter to head off possible security breaches.

Besides having a good password policy, “isolate your business assets from the Internet with a good firewall or two,” said Joshua Brown, senior vice president of MIS infrastructure at global public relations firm Fleishman-Hillard. “Host-based intrusion detection systems look for patterns of behavior that aren’t normal.” Physically secure your system under lock and key, Brown said. “Make sure backups are kept off site in a secure place, so if there is a fire or flood, you’ll be able to get back up and running.”

Wireless security is increasingly important. Fleishman-Hillard is doing a full encryption on all its machines so if a laptop is lost or stolen, the information on it is useless, Brown said. That eliminates the need to “remote wipe” mobile devices, he said, but that and tracking capabilities also are available.

Brown urges companies to commit the resources needed to secure their networks and to be sure IT staff stay current in their own training. “Security is not something you can let slide,” he said. “It’s not just your reputation at stake, it’s your clients’ reputation.” 

Ask the Experts
Dave Chronister
Co-founder and chief technology officer at Parameter Security

• SET longer, memorable passwords

• UPDATE antiviral protection

• Security Awareness TRAINING for all employees

Dan Abel Jr.
Vice president of Chocolate Chocolate Chocolate Co.

• USE a secure VPN

• BACK UP data online

Joshua Brown
Senior vice president at Fleishman-Hillard

• ISOLATE your business assets

• ENCRYPT to protect wireless devices

• TRAINING for all employees