Network setup best practices: 4 protection mechanisms all networks should have
In order to help protect key information and databases, many organizations will be very particular in how they set up their network and what protection mechanisms they put in place. But how it actually occurs and what specifically is used can vary dramatically from one organization to the next. A well-organized and well-protected network should always have the following features:
1) Separate Wi-Fi networks for guests and approved users
This one is becoming increasingly commonplace, and for good reason. By providing separate networks for both guests and core staff members to use wireless networks simultaneously, organizations can make sure that their customers have the connectivity they desire while staff can accomplish critical work both on the go and free from interference from non-staff members. This not only ensures adequate bandwidth for mission-critical activities, but it also can go a long way towards keeping everything and everyone safe.
This kind of network setup is ideal in a variety of settings, like hospitals and retail stores. In healthcare in particular, Wi-Fi segregation allows patients waiting for appointments to browse the web at their leisure, while also ensuring that doctors and other staff members can access electronic health records and communicate securely, among many other tasks. It also helps to keep guests away from the critical assets that healthcare teams need to view, so they are unlikely to be tampered with by patients.
2) Rules based on users and time of day
Not everyone in your organization needs access to all of your data all the time. For example, while your CTO and CIO should be able to look at databases containing customer information when necessary, the summer intern probably doesn’t need to see this data, nor should they be able to get even close to it. These kinds of user-based rules can go a long way toward stopping insider breaches, ensuring that only highly trusted individuals are able to look at and access the most sensitive data you have on hand.
Similarly, implementing rules based on time of day can be a helpful way to set up resources. Cybercriminals can often instigate an action during off-peak hours or on weekends. By ensuring that only a select few are able to access certain key assets and hardware during non-work times, these kinds of attacks can be mitigated. That way, no one can easily access databases at midnight on a Saturday, or any other off time.
Learn Why Untangle is the #1 Choice of IT Pros
3) A captive portal prior to access
A next-generation firewall or UTM solution helps to protect a network by allowing the administrator to create and implement complex rules to better filter out bad traffic and more effectively oversee the traffic that makes it onto the network. Firewalls are a crucial first line of defense for any network.