A Quick Blueprint for a Solid Network Security Plan
Network security is exactly what it sounds like: the practice of preventing networks from unauthorized access and misuse. If it’s poor, a business can find its IT infrastructure modified without consent, and suffer destruction, improper disclosure of information, or a loss of confidential and sensitive data that’s essential to its competitive advantage.
Good network security is absolutely crucial – and that goes for individual users as well as entire organizations.
Security plans: The good and the bad
So, what does a good security plan look like? In truth, it varies by company, but there are some guidelines you can follow to ensure you’re doing a good job. A checklist for good practices could include:
● Make sure your network is segregated
● Architect network security devices based on best practice and apply a layered approach
● Apply proper security baselines and framework
● Implement encryption for all data in transit
● Be vendor-agnostic but ensure your tools play nicely with each other and are scalable
● Comply with security regulations
● Monitor traffic and correlating suspicious events
From there, we look at enforcing it with a network security policy. This is a formal document that outlines the principles, procedures and guidelines to monitor and maintain security on a network. A good security plan will work in tandem with a network security policy, and the procedures for applying that policy.
However, no matter how well you’ve planned, all it takes is one bad security practice to undermine all your efforts. A chain is only as strong as its weakest link. Some common poor practices include:
● Using weak or default passwords on network appliances
● Using end-of-life devices or not patching with the latest firmware
● Defining unnecessary access rights on network security devices
The key elements of network security
As part of a network plan, security experts need to determine how network security tools will be used effectively in conjunction with security policy. Tools commonly used by organizations include:
● Firewall/next generation firewall, firewall configuration and change management tools
These are network security tools to block unwanted traffic and monitor incoming and outgoing network traffic.
● VPN/next generation VPN with zero-trust model
A virtual private network (VPN) provides a private network across the Internet and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Next-gen VPN solutions provide software defined perimeter (SPD) where access is defined to solutions rather than data centers, which provides a more secure structure than traditional VPN solutions.
● Content filtering
Restricting or controlling web content. This is particularly important for preventing breaches on the employee side.
● Email protection
These tools protect against spam, malicious, phishing and fraud email messages
● Detection/prevention systems
Threat detection and prevention technology examines network traffic for any malicious activity.
● WAF
A Web Application Firewall (WAF) helps protect web applications from known attack types, filters BOT traffic, blocks volumetric attacks and alerts abnormal requests.
● NAC
Network Access Control (NAC) tools help control who can and cannot access the network.
● DLP
Data Loss Prevention systems help protect staff and other users from misusing and possibly compromising sensitive data or allowing said data out of the network.
● Security information and event management (SIEM)
SIEM gathers and correlates the relevant and required logs and data from multiple sources to identify offenses and deviations and mitigate them appropriately.
Work with other teams
No security team should operate as a silo. Effective security involves a coordinated and collaborative effort from every area of the business, as architecture and security by design will always need to be enforced at various stages of projects and processes. At Ritchie Bros., all of our technology teams work closely to ensure proper best practice is followed and applied to network security at all times.
As part of our overall cybersecurity program, we take a continuous approach to reviewing and maturing our overall cybersecurity program through people, process and technology. The CSOC team is actively monitoring and responding to alerts and anomalies. We also leverage best-in-class and enterprise-based technologies and continually address risk while maturing our security posture.
