Computer infections are nasty things, they do damage cause network congestion and result in loss of business and network outages. Malicious programs cause big problems for large businesses which depend on IT to run their business, being a victim and suffering the loss of your IT network can mean the end of the business for some companies.
Thankfully there are a lot of tools out there which we can use to rule ourselves or infections and there.
Anti-virus is one of the most important steps to protecting your network. You should ensure that all the computers and devices that connect to your network have anti-virus protection no matter how big or small.
It only takes once device which can take down the network and cause network problems.
As well as making sure that all hosts have virus protection you need to make sure that each host is being updated automatically. This is important as it will help to patch and holes you have in your security.
Over a long period software developers and manufactures will develop updates for their software.
Most of these are pushed out or available on the manufactures website but they are important to apply as they patch holes and security vulnerabilities in your network which would otherwise cause you issues if someone discovered them and decided to exploit them.
Admin rights and restrictions
If all the computers on your network weather this be a home or business environment have admin rights to the machine this could cause you a lot of problems. With admin rights anyone who has access to the computers can install 3rd party software which could compromise the network and cause a lot of network issues.
To avoid this make sure that you lock down all other users on your network or take away their admin privileges, this will help to protect your network in 2 ways, the first is that the user will not be able to install 3rd party software which may contain infections and bugs.
The other reason is that it will stop a virus from doing something similar, if a user gets a virus on there PC while there logged in but they have no elevated rights on the computer or network the virus will be unable to do anything and you will have minimized its impact on the network. IT only takes one PC to become compromised and then you might have a serious problem on your hands.
Outside attacks and Phishing
Its not very often that you get attacks from outside of the network but there not uncommon. Some outsiders will run a scan going through thousands of IP addresses trying to find open ports to connect to.
If you have open ports on your router make sure these are secure and that you have the servers that you want to be access publicly in a DMZ secure environment.
A DMZ is a separate network which allows outsiders to connect to the server, access its resources while being separate from your local network. This is used when a company has an external web server or a website that’s hosted at the company headquarters.
Users need to know that phishing attacks do occur and most of the can come in the form of social engineering. Where a user calls the company pretending to be a technician or someone from a legitimate company trying to fix an issue.
Most of the time they ring companies trying to find a user with a legitimate problem and when they do they will usually try and get the user to install some software or change settings which allow they to connect to the network.
The best way to avoid this happening is to educate everyone about the dangers of phishing attacks, have a set procedure when someone from outside of the company calls trying to assist with a technical issue.