Initial Guide to Network Security

I am a lone IT guy working for a small company with about 20 computer users on an Internet-connected LAN.  In light of all the public hacks lately, my management is looking for me to provide them with a two-page summary of what our options are to deal with potential threats to our network.  For now, we are mostly concerned with external, Internet-based threats and intrusions.  

I have knowledge about networking but am not a network security professional.  I need a preliminary, overall, general guide book as to the resources available to someone in my position.
jd1114Asked:
Who is Participating?
 
Bill BachConnect With a Mentor PresidentCommented:
"Network Security for Dummies" is a good starter text.

Your options are simple:
- You need a good firewall at a bare minimum
- A network edge security/inspection device is a really good idea, too.  You can get two in one though solutions like an Untangle appliance.  This adds a lot to the cost, but it is well worth it to block malware at the edge of the network.
- You need a good malware scanner on each machine.
- You need good USER TRAINING -- to teach people what a "bad" email looks like.  This is actually more important than a malware scanner!  If you keep people from opening up the malware in the first place, it reduces your attack footprint considerably.  (Try www.knowbe4.com for ideas.)
- You need solid backups most of all.  You need multiple off-line copies (for archive, and to keep them safe from malware), and you can leverage on-line replication technologies for improved RPO as well.  Replication can also aide in disaster recovery, whether you move the data to the cloud or to a server in the owner's home.

Beyond that, it's really about multiple layers of protection -- multiple backups, multiple scanners, etc., and staying within a reasonable budget.
0
 
awed1Connect With a Mentor Commented:
20 users on an Internet connected LAN, does that mean that there is no office where a server etc. resides.
If there is an office with a server, a firewall appliance is essential.
Also, enforced password protection which require one to log back into the computer after a short period of time is essential.

For a short summary, this does not look too intimidating: http://www.networkworld.com/article/2274081/lan-wan/chapter-1--overview-of-network-security.html It is only two web-pages long.
0
 
gaspanConnect With a Mentor Commented:
Bill did provide you with a good startup guide. Alternatively you can also look at a comprehensive Cloud managed service like Webroot that provides you with all the protection you need including real-time updates and threat intelligence. Managing network security can be a full time job even for a small network, so sometimes outsourcing makes lots of sense. Looking at a solution like this, will pretty much also summarize the threats you need to worry about
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

 
EirmanConnect With a Mentor Chief Operations ManagerCommented:
"You need multiple off-line copies" .... Just to be clear ..... offline means not even connected to a network.
-----------------------------------------------------------------------------------------------------------------------
I highly recommend that paid-for version of this product is installed on each PC
https://www.foolishit.com/cryptoprevent-malware-prevention/
It's great value as it's a once-off purchase with no ongoing fees.
---------------------------------------------------------------------------------------------
Make sure that NO PC is running with Administration rights unless it is needed at that point in time.
0
 
shedrack okparaConnect With a Mentor Systems AdministratorCommented:
Hi, just to add to what they have said, being the only IT guy in the company you have to be partly paranoid about almost everything because a user (co-worker) not being IT savvy can easily compromise your network even by just clicking an ad from a web page.... i would strongly advice you practice with your own virtual lab thats what i used and still using, then apply the skill from the resources that has been suggested to, the fun thing about a virtual lab or environment is that you can go crazy with imaginations of ways you feel your network can be compromised.NOTE dont link your hypervisor to your production network, make your test lab a closed network.If u need help on how to set up a lab you can contact me for a one on one
0
 
jd1114Author Commented:
Thanks everyone for all the great help.  Does anyone have experience with network security companies such as FireEye, CrowdStrike, or LastLine?
0
 
EirmanChief Operations ManagerCommented:
Seems like a fair distribution of points to me.
0
All Courses

From novice to tech pro — start learning today.