Enhance your network security

We often focus on wireless network security and neglect to consider that insider threats, targeted attacks from the outside and hackers using social engineering create vulnerable corporate networks. Specifically, susceptible employees may become victims of carefully plotted psychological manipulation into divulging confidential information. In this article, we consider some of the top measures to improve wired network security for either a small business or a large enterprise.

1. Perform auditing and mapping

It is essential to do some auditing and mapping of your network. This includes having a clear map of your entire network infrastructure, from your vendor/model, location, and the basic configuration of firewalls, routers, switches, Ethernet cabling and ports to wireless access points. You need to determine exactly what servers, computers, printers, and any other devices are connected, where they are connected, and their connectivity path throughout the network. Take note of specific security vulnerabilities and consider ways in which to increase your security, performance and reliability. Vulnerabilities may include an incorrectly configured firewall or physical security threats. If your network is small enough, you may want to create a visual map on a paper. For larger networks, auditing and mapping programs are available to scan the network and produce a network map or diagram.

2. Keep the network up-to-date

Once a network audit has been completed and a network map is in place, check for firmware or software updates on all network infrastructure components. Change default passwords and review the settings for any insecure configuration. Identify other security features or functionalities you may want to introduce.

Consider all the work-stations and devices on your network and determine if, for example, OS and driver updates and personal firewalls are active, and whether the antivirus is running and updated, and passwords are set. You may also want to introduce password change cycles to improve security.

3. Physically secure the network

You need to protect your network against local threats since the physical security of the network is as crucial as your Internet facing firewall. For example, a hacker or even an employee in the vicinity may gain access to your network wirelessly by plugging a wireless router into an open Ethernet port. Hence do not make an open Ethernet port visible or disconnect it to prevent unwanted access.

Prevent outsiders from entering your premises and have a good building security plan in place. Lock all wiring closets and remove network infrastructure components from public and employee discernibility.

4. Consider MAC address filtering

Due to the lack of a quick and easy authentication and/or encryption method of a wired network, people can just plug in and use it, making it one of the major security issues of a wired network. Controlling access by using a MAC filtering system is a viable option since it allows you to choose which devices can connect to your network. While it can also improve control, you should not be lulled into a false sense of security. It won’t completely stop a hacker, but can act as the first layer of security. It can help you prevent an employee, for instance, from causing a potentially serious security hole, like allowing a guest to plug into the private network. It is important to keep the approved MAC address list up-to-date.

To maximise your network security, ask yourself how many of these 12 security measures you have used to secure your wireless network.

Changed the name of your default network

Cybercriminals can determine the manufacturer name of your router as well as the vulnerabilities that the model has and will try to exploit them. Changing your Wi-Fi’s default name makes it harder for malicious attackers to know what type of router you have.

Select a strong and unique password

A router comes pre-set default username and password to install and connect your router. Consequently, it is essential to ensure that you change them both immediately. A good password should be at least 20 characters long and include numbers, letters, and various symbols.

Increased your security by activating network encryption

Wireless networks come with multiple encryption languages, such as WEP, WPA or WPA2. WPA stands for Wi-Fi Protected Access 2 and is both a security protocol and a current standard in the industry and encrypts traffic on Wi-Fi networks.

Used a strong network administrator password to increase Wi-Fi security

Most Wi-fi routers come with default credentials such as ‘admin’ and “password’ allowing easy access for malicious hackers.

Changed your default IP address on the Wireless router

It is more difficult for hackers to track your network if you change the default IP address to a less common one.

Turned off the DHCP functionality on the router

You should turn off the Dynamic Host Configuration Protocol (DHCP) to enhance the wireless network security.

Disabled Remote Access

When you turn off remote access to your router, malicious persons will not be able to access your router’s privacy settings from a device not connected to your wireless network.

Kept your router’s software up-to-date

Regularly checking for updates ensures obtaining security patches developed by device producers.

Set up a firewall

A hardware firewall adds one extra layer of security that should protect your network from potential cyber-attacks.