12 IT Tips for the Holidays Breakdown – Thank You!

Thank you everyone for participating in the 12 IT Tips for the Holidays Sweepstakes. We hope these tips helped raise network security awareness in your organization. In case you missed the tips or want additional clarity on each, we offer a little more guidance:

  1. Fully secure Internet traffic with SSL Inspection.
    • As network traffic shifts to more encryption, SSL inspection is needed to maintain control of your network.
    • It’s important to plan the activation of HTTPS Inspector, as it requires changes to devices on the LAN.

  2. Use session viewer to track and troubleshoot end user issues.
    • Session Viewer allows you to view the traffic flowing through your network, whether the traffic is inspected or bypass.
    • The Session Viewer is excellent for ensuring if traffic is flowing through the expected rack of applications.

  3. Use strong passwords, the more random the better.
    • Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks.
    • An overall password policy is more important than a specific password length or complexity. Two-factor authentication is even better.

  4. Conduct regular audits of permissions to access content and applications.
    • As devices and applications are shifted to other employees, regular audits are valuable for identifying obsolete traffic policies. Regular audits are useful to simplify cluttered traffic rules.
    • Use this opportunity to also remove obsolete accounts on all of your systems and apps. Neglected accounts leave you vulnerable.

  5. Segment your networks for guests, employees, and servers.
    • Separating networks by type of user simplifies traffic rules;categorize the traffic using source interface, VLAN, or IP range instead of specific device.
    • Protect your company servers and provide internet access to guests by separating the types of traffic on the LAN.

  6. Always use endpoint protection, even with gateway protection in place.
    • Endpoints can still be vulnerable to threats that aren’t network borne, like malware on USB sticks.
    • Endpoint reports provide historical records of traffic for forensic analysis of issues later.

  7. Point your DNS to Google for privacy.
    • Many ISPs redirect DNS lookups to ad-based sites or record site lookups.
    • The use of non-ISP DNS servers may not work on some ISPs. Test Google DNS lookups before using.

  8. Don’t use WEP; Enable MFA whenever possible.
    • MFA = Multi-Factor Authentication
    • WPA2 is the recommended Wi-Fi encryption.

  9. Test from another machine to confirm a network-wide issue.
    • Narrow the cause of a network issue to which devices are affected.
    • Always test VPN from the external side of the VPN server.

  10. Try pinging by IP address instead of domain name.
    • If pinging a name fails, use the IP address instead to determine if it’s a DNS issue.
    • Start with pinging the IP address of the gateway to see if it can reach other networks.

  11. If the problem started after a recent change, revert the change.
    • Record changes made to the endpoint so issues can be tracked down to which settings change.
    • Restrict setting changes to a few small set of individuals to track changes more accurately.

  12. Have you tried turning it off and on again? ;-)
    • Often this is the simplest fix!
    • Make sure you have saved important files in the cloud or your external hard drive.