That's a great question. Let's see if we can boil down the top ways to protect the security of your enterprise...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
network into a five-point list:
- Perform security vulnerability scanning on a regular basis. I've sung this refrain before and I'll continue to tout the virtues of a strong enterprise vulnerability scanning program. Proactive scanning tools allow security pros to detect network security flaws before they're exploited.
- Manage the firewall rulebase through solid auditing practices. Don't underestimate the importance of auditing firewall activity. It's easy for rulebases to become overpopulated with orphaned rules, leading to firewall misconfigurations that severely undermine the security of a network.
- Deploy network intrusion prevention and detection systems (IPS/IDS). A properly tuned IPS can limit malicious traffic's ability to enter the network; search out a best-of-breed IPS/IDS and deploy it on your network. Don't be thwarted by cost; there are several solid open source product options available.
- Use network access control to ensure endpoint security. (Link to this month's tip) NAC products offer the ability to scan endpoints to make sure they are compliant with an organization's security policies before the endpoints can ever gain network access. Every security problem you prevent is one less issue that needs mitigation.
- Content filtering protects your organization from liability. Check with any large corporation's legal department and you'll probably hear at least one litigation story related to the viewing of inappropriate materials in the workplace. Use content filtering tools to limit the organization's liability in this space.
That's a brief rundown of my top five network security practices. Deploying these in your organization should keep you busy for a while!
For more information:
- Looking to transition to a career in information security? Get some expert advice.
- Use the open source tool Nessus for vulnerability scanning in the enterprise.
Dig Deeper on Security Event Management
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.