My family went to the beach this year for vacation. Yes, I know, I saw all the media coverage of the shark attacks on the East Coast, but we went anyway. As I kept a watchful, if unnecessarily paranoid, eye on the water and my boys, I began to think about how many of the same types of things I try to protect my kids from I also try to protect networks from. Some of these things are more likely to threaten a network than others, but nonetheless an ounce of prevention is worth a pound of cure.
Let’s start with environmental threats. Storms and other natural disasters are usually the first things to come to mind. These threats cause power outages or surges that can prevent access to the system. Temperature can be a major player on the environmental threats’ team. Cold can slow down hardware, but heat can do real damage and cause equipment to fail. It is important to be sure all of the equipment used in a network is housed in a nice cool, dry place. We all know what water can do to electronics… everyone has had that one friend who dropped their phone in the toilet. Here in Charleston, WV, storms have caused all kinds of power issues, but by and large earthquakes and raging fires are fairly unlikely compared to other parts of the country. They do happen, though, so it is a good idea to at least have a plan for how you will protect your network from these disasters.
Make no bones about it: natural wear and tear is a threat to your network. Parts fail. We have talked about this before. You take your car in for maintenance, and you should plan for the same with your network! Regular checkups and preventative measures, like taking your children to the dentist or the pediatrician, are some of the things we do to protect our kids from problems. Doing regular checkups and making sure everything is up to date and running smoothly can help protect your network from problems before they start. Upgrading parts like hard drives, memory, and fans at a set time in a server’s lifecycle can breathe new life into the device as well as head off potential failures along the way. Staying proactive can save you money compared with the cost of the downtime that follows a failure. Recovery from failure in general takes far more time than proactive maintenance. You also have the lost productivity and the potential loss of customers to deal with. In most cases, this type of proactive maintenance can be done without any downtime whatsoever.
People… oh wow, people are a huge threat to your network, in reality probably the single greatest threat your network faces. “People” as a group should be extremely limited in how they can interact with the network. Employees should not have any more rights or privileges on any device on the network than absolutely necessary. Physical access as well as remote access should be limited. Employees can bring your entire network down by accident or through malicious intent. Of course, we want to trust our employees, and from experience only a very small portion of these people problems are malicious in nature. Maintaining a principle of least privilege for everyone on your network is a simple, effective way of deterring many security breaches and failures.
Sometimes it is people outside your organization who are the weak link in the chain. Say, for example, you send a document with confidential information inside to a contractor. Imagine it is a spreadsheet with your clients’ personal information and credit card numbers. Imagine that contractor accidentally sends this file to an unauthorized party. This would constitute a major security breach outside of your office. Even though this data left your office, you are still obligated to protect it for your clients. Encrypting these files is a great first step. Another tool that you may not have heard of is Document Rights Management (DRM) or Information Rights Management (IRM). This technology extends the document you sent out with a set of explicit permissions as to who is allowed to open it and what they can do once it is opened. You can disable printing, copying, and even saving the document, to name a few. DRM or IRM is an extremely powerful tool for protecting your data outside your network’s borders. What about keeping information from leaving your network altogether? Microsoft has some interesting new tools as part of Azure and IRM that can check a document in a number of ways to determine whether it meets all the requirements for being sent via email or shared on OneDrive before it ever leaves the network.
Of course, viruses are still a very real threat, so keep your firewalls locked down and your software up to date. Backing up your data is critical to recovery if something does go wrong. While these 2 items could technically be considered preventive maintenance, they are so fundamental to protecting your network and your data that I feel they warrant being called out separately. Do your updates on ALL the software on ALL the devices in the network. Make sure antivirus is installed EVERYWHERE. When setting up your backups, remember the 3-2-1 rule: 3 copies of your data, 2 on site, and 1 off site.
Follow best practices and continue to test and iteratively build your security, and you will be in a much better position to protect your own data and your clients’ data. Diligently working to maintain the highest level of security you can has become even more important now that the FTC can also take you to court if it believes you failed to make reasonable efforts to protect consumer information. It can do so under a 1914 law that gives the FTC broad powers to protect consumers from companies that engage in unfair or deceptive business practices. According to a US District Judge last year, unfair and deceptive business practices now encompass businesses’ cybersecurity practices, basically saying that customers trust you to protect their data and that failure to follow solid cybersecurity practices is like deceiving your customers with a false sense of security. Make sure you talk to your IT and risk management teams about implementing and enforcing security best practices, because there is no such thing as a small breach.