That's a great question. Let's see if we can boil down the top ways to protect the security of your enterprise...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
network into a five-point list:
- Perform security vulnerability scanning on a regular basis. I've sung this refrain before and I'll continue to tout the virtues of a strong enterprise vulnerability scanning program. Proactive scanning tools allow security pros to detect network security flaws before they're exploited.
- Manage the firewall rulebase through solid auditing practices. Don't underestimate the importance of auditing firewall activity. It's easy for rulebases to become overpopulated with orphaned rules, leading to firewall misconfigurations that severely undermine the security of a network.
- Deploy network intrusion prevention and detection systems (IPS/IDS). A properly tuned IPS can limit malicious traffic's ability to enter the network; search out a best-of-breed IPS/IDS and deploy it on your network. Don't be thwarted by cost; there are several solid open source product options available.
- Use network access control to ensure endpoint security. (Link to this month's tip) NAC products offer the ability to scan endpoints to make sure they are compliant with an organization's security policies before the endpoints can ever gain network access. Every security problem you prevent is one less issue that needs mitigation.
- Content filtering protects your organization from liability. Check with any large corporation's legal department and you'll probably hear at least one litigation story related to the viewing of inappropriate materials in the workplace. Use content filtering tools to limit the organization's liability in this space.
That's a brief rundown of my top five network security practices. Deploying these in your organization should keep you busy for a while!
For more information:
- Looking to transition to a career in information security? Get some expert advice.
- Use the open source tool Nessus for vulnerability scanning in the enterprise.
Related Q&A from Mike Chapple
The updated HITRUST Common Security Framework allows organizations to manage privacy, security and compliance with one framework. Here's how it works...continue reading
A HIPAA audit covers privacy compliance, and organizations need to be prepared. Expert Mike Chapple discusses privacy in the audits.continue reading
A data breach warranty may seem like a tempting way to survive a costly attack, but it may not be all it's hyped up to be. Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.