Network Security Tips & Guidelines

Each year, attacks on cyber networks have resulted in the loss of important data costing businesses millions.¹ The annual Travelers Risk Index shows that many companies surveyed worry about cyber risks. Aggressive and extensive protection strategies may help you prepare against external attacks and maintain the safety of your network.

Creating layers of protection can help provide a sound strategy for network security. This approach uses multiple devices, products and procedures rather than relying on a single method to enforce security.

10 steps to a more secure network:

1. Set clear administrator privilege: An important first step in providing security for your network is to establish and enforce administrator privileges, managing who has authorization to install software and change system configuration settings.
2. Secure your private network: Many intranet or private networks consist of multiple local area networks (LANs) designed to connect your computers to resources, such as printers, servers and other applications. Organizations should trace department business functions from users’ computers back to the physical servers that house their data. Your network design should allow users to have access to the information they need to do their job, without allowing them to access other non-job-related information.
3. Secure endpoints with an endpoint detection and response (EDR) solution:  EDR helps protect against malicious attacks and can provide far greater capabilities than a traditional antivirus solution. EDR can help protect and monitor every asset in an enterprise network by identifying suspicious activity before the rest of the corporate network is exposed to unnecessary risk. EDR technologies monitor for anomalous behavior on each system rather than simply searching for malware.
4. Monitor the network: You and your cybersecurity providers should implement network logging and monitoring strategies. These allow companies to monitor unauthorized data transfers and unauthorized attempts to access your private network. Detection systems should provide responsible parties with appropriate alerts and scheduled reports.
5. Maintain firewalls: Firewalls are a fundamental network security solution. They are used to permit only appropriate traffic to enter and leave the private computer network. In addition to using firewalls to protect your private network from the Internet, firewalls installed within your private network can be used to segment the network into unique security domains supporting enhanced layers of defense.
6. Establish intrusion detection and prevention systems: Intrusion detection systems (IDS) and intrusion prevention systems (IPS) can work together with firewalls to analyze traffic to determine if it is legitimate. An IDS product will provide alerts on invalid traffic, while an IPS will block the traffic.
7. Protect remote access: If your employees are allowed access to your private network from remote networks, this access should only be through a firewall that protects your private network. Another option is to utilize a Virtual Private Network (VPN) that uses encryption and multifactor authentication (MFA) to provide greater security.
8. Isolate guest wireless local area network (WLAN): If your company offers WLAN for customers, guests and visitors, it is important that it is kept separate from the main company network.
9. Use encryption programs: When used properly, encryption technologies can virtually prevent files, directories or disks from falling into unauthorized hands.
10. Define and practice continuity plans/disaster recovery: Once you have completed mapping and securing your network, assess any critical equipment or systems and evaluate the potential business impact if they should fail or are breached.

Learn more about cyber insurance from Travelers.

Sources

¹ https://www.verizon.com/about/news/2023-data-breach-investigations-report