5 Best Practices to Improve Your Network Security

November 28, 2016

Ryan Warrick, Network Infrastructure Consultant, Sophicity

This article is posted with permission from Sophicity’s CitySmart blog and shares non-technical, municipal-relevant insights about critical technology issues, focusing on how technology reduces costs, helps better serve citizens, and lessens cybersecurity risks. Sophicity is solely responsible for the article’s content.
To understand the importance of network security, imagine your technology like it’s city hall. Inside city hall, you have people, offices, hallways, and assets like furniture, office supplies, and computers. To gain access to the inside, parts of city hall may be open to the public—like the unlocked front door from 9-to-5. Other parts may be off-limits directly (such as a locked door) or indirectly (such as a security officer or a sign that says “keep out”).

Depending on your security setup, unauthorized people may or may not have access to sensitive information within city hall. Network security works similarly by preventing unauthorized electronic access to your sensitive information.

First, to understand your network better we’ll define some terms that you may have heard your IT staff or vendor mention to you.
  • Computers and servers: Your city’s computers and servers are the most well-known, visible part of your network. They are the machines that connect users to their applications and the internet.
  • Switch: When your city has many computers and servers, a switch is like a “Grand Central Station” for your network. Like a busy airport directing flights, a switch directs information and data in an efficient way to each computer and server.
  • Router: Your city might have multiple networks. For example, city hall may have one network with its own computers, servers, and switches. The police department may have its own separate network. A router helps these different networks communicate with one another as well as connect your networks to an additional global network—the internet.
  • Cables: Cables are the wiring that connects all of these devices together.
  • Firewall: Probably the most important part of your network, a firewall is like your locked doors at city hall. When internet information from the outside tries to enter your city’s network, your firewall decides which information to let in and which information to keep out.
Altogether, your network needs to have the right, properly functioning and configured equipment to keep you secure. Here’s how to get your network security optimized for your city.

1. Perform a network security assessment.
To assess your network security, you need to first identify everything that makes up your network—computers, servers, switches, routers, firewalls, etc. This assessment should include non-technical insights (such as information gaps about what’s on your network) and technical insights (like scans for security vulnerabilities on existing equipment). Overall, you’re looking for any security holes that could open you up to a cyberattack.

2. Lock down access points to your network.
Just as there are many ways to enter city hall (some legal and some illegal), there are also many ways to access your network. You’re essentially looking to add locks to any unlocked doors that you discovered in your network security assessment. Examples of locking down access points include:

  • Configuring your firewall properly in order to restrict information coming into your network.
  • Preventing people from using unauthorized external devices (like a flash drive) on your network so that they don’t introduce a virus or commit a data breach.
  • Restricting how employees, vendors, and other third parties remotely access your network—whether through a virtual private network (VPN) or another kind of remote access software.

3. Set up and configure your network devices properly.
Improper network device configuration (such as using default settings or creating weak passwords) can leave your city open to security risks. For example, a firewall contains many ports (or doors) that open up your network to the outside world. If you leave certain ports open, you could be introducing major security risks—similar to leaving a city hall door open at night. Even switches and routers can become security risks if improperly configured. Make sure you have trained IT professionals set up and configure your network devices.

4. Continually monitor your network.
Ideally, a combination of automated software and trained IT professionals are needed to monitor your network 24/7/365. Hackers and other unauthorized users are always a threat to any network—no matter how “insignificant” you feel your network looks to an outsider. Any city is a ripe target for hackers. When monitoring network security, your IT staff or vendor will look for suspicious activity, signs of outside hacking or cyberattacks, and security vulnerabilities in your network.

5. Create a documented network security policy.
While it’s great to solidify a lot of the technical underpinnings of your network, you also need to create a policy that documents both technical and non-technical network security requirements. That may include quality control related to network hardware (such as modernizing equipment on a regular schedule), requirements pertaining to authorized users and remote access, and both proactive monitoring and testing of your network to eliminate as many security threats as possible.

Just as you lock the doors of city hall at night, you need to lock the doors of your network. By assessing your network security, adding the “locks,” and rigorously monitoring it, you’ll greatly lessen the chance of a cyberattack compromising your city.

Back to Listing