[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

What would make one of the securest networks out there

Posted on 2014-12-20
8
Medium Priority
?
142 Views
Last Modified: 2014-12-23
Listening to the Sony hacks that have been going on and hearing the SONY ceo say that 80% of companies would have been hacked with that type of attack - I'm wondering what would make for a sort of *ultimate* secure network.

Taking in considerations that the network would still interact with the internet.
0
Comment
Question by:Network Zero
8 Comments
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 375 total points
ID: 40511173
The ultimate secure network is one that is unplugged from the Internet.  Seriously.
0
 
LVL 101

Assisted Solution

by:John Hurst
John Hurst earned 750 total points
ID: 40511176
While I understand fully the previous post, we generally need to be connected. With that in mind, if someone absolutely wants to break into your network they probably will.

However most people do not have the required expertise. So:

1. Put a top brand, commercial firewall in front of your network and have a skilled consultant set it up and secure it.

2. Make sure all of your servers and all of your workstations are fully patched.

3. Train your people NOT to click on bogus "I can help you" and "Free stuff" links.  Most attacks (viruses, malware, cryptolock and so on) come from people inviting the stuff in by clicking on bogus links. Train your people. You are not a hapless victim.
0
 
LVL 8

Author Comment

by:Network Zero
ID: 40511183
@Jan Springer @John Hurst - to keep things interesting lets say the company is an IT security firm and all employee's are trained in basic security prevention. There's a hardware firewall in place  and everything is running the latest security patch which is automated by a system that patches servers + desktops on a regular basis.

Taking out the human element and keeping connecting to the outside world an option what can we do too fortify the network even more?
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
LVL 101

Assisted Solution

by:John Hurst
John Hurst earned 750 total points
ID: 40511198
So long as standard ports are blocked, firewall rules prevent intrusions, firmware is updated and servers are patched, you have done about all you can do.

Further, I keep myself and my clients behind VPN firewalls, so the only way in from outside is via secure IPsec VPN. I have had such structures in place now for nearly a decade and no on has broken into our systems.

Our clients are trained and we have very few viruses.
0
 
LVL 81

Expert Comment

by:arnold
ID: 40511220
The only absolute way is as Jan pointed out.
Though note prior to the existence of the Internet's availability, people were dumpster diving to get information from discarded documents. The social engineering to get access ..........
Francisco, as you and John pointed out, one can only secure it through assumptions/reliance on others to follow through.
One has to weight the complexity I.e. Firewalls/proxies/vlans that deal with both incoming and outgoing traffic.  I.e. You have a defined rule on outgoing new traffic.  Proxy servers/reverse proxy server through which requests go to internal servers or to external fields.
If you have VPNs connecting remote offices, users, have to be tightly controlled as those old be th weakest link.
Data encryption.
The question such as this always deals with the weaknesses exposed with this latest event.  

One has to navigated the exposure risk/versus the counter measures one has to employ.
I.e. There was a time where a server was directly exposed to the Internet, then it was shielded behind a firewall, then it was secured by a firewall and a reverse proxy,  etc.
0
 
LVL 5

Accepted Solution

by:
Sean Jackson earned 375 total points
ID: 40512400
A truly secure network is as easy to find as a unicorn.

And it's always a moving target.

That being said, a secure network needs to have sufficient defenses in place (good firewalls (good usually means nextgen, or adaptive -- can respond to behavior of humans), load balancers (for incoming traffic), a web proxy (to filter outgoing traffic -- watch for the malicious insider), etc), and it must have sensors that can detect an attack (it's not a question of 'if you're going to be hacked' but 'when you're hacked'), so the staff can take action. A good network will also be able to tell what was stolen/altered.

And on top of all that, you MUST have well-trained, current-skills staff on hand to mitigate and deal with vulnerabilities and attacks.
0
 
LVL 101

Expert Comment

by:John Hurst
ID: 40514285
@Francisco C  - Thank you and I was happy to help.
0
 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40514937
@Francisco C, thanks for the points, and I am always available should you have any more questions.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…
Suggested Courses

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question