Welcome to the Inside Secure-IT series of articles. Inspired by a post done by the US-CERT at the beginning of October describing the threat posed to MSP's by hackers and other ne'er-do-wells. Our response, a comprehensive series of posts that takes a look at what we do at Lighthouse IT to keep your company data secure both on and offsite, and why cyber security is so important.
How can you be sure that your network is safe?
Both network security and device protection are needed to ensure the safety of a company. Having a great layer of security for your network means that you can sleep at night knowing nothing malicious is happening to your business. Device protection brings that feeling a step further and lets you feel safe about each device on your network as they each have another layer of defense.
WHAT IS ENDPOINT PROTECTION?
It is one of the methods that we employ to keep data breaches at bay. Endpoint Protection is a networking term for securing devices like computers, laptops, cell phones, servers, and other computing devices. These devices are often the most exposed to attacks for a multitude of reasons. Mobile devices change networks when they go from place to place which may not be all that secure. Other devices browse the web which is open to everyone and everything.
Endpoint Protection works a in a manner that's proactive against threats. The bulk of this falls under an Intrusion Detection System (IDS) which will monitor traffic that goes in and out of the computer, denying access to anything that looks malicious. This helps protect against new threats that an anti-virus many not be able to stop or simply does not yet know about. Endpoint Protection also employs the help of data encryption and permissions to make sure that sensitive information stays put.
At Lighthouse IT our Endpoint Protection solution is Sophos Intercept X. It uses deep learning to actively identify threats almost instantly and is built off of technology developed by DARPA. Intercept X has also partnered with other leading anti-exploit solutions to protect against a vast range of threats. We at Lighthouse are confident in Intercept X's ability to allow us and our clients to live in technological Harmony.
What is Mobile Device Encryption?
Mobile Device Encryption is the process of taking data stored on a computer and running it through a cipher, thus making it unreadable to anyone without the cipher's key. Encryption is deployed on devices like laptops, tablets, and phones in one of two means.
- The first is software encryption which is more prevalent on laptops and tablets. Software Encryption is the use of a downloadable software the encrypts the data on a device. The benefits are that software encryption is cheaper to implement and does not require opening the device up to install extra hardware, however, it does share the same resources as the rest of the device which causes some slowdown of the machine.
- The other form of encryption is by use of hardware, more often found in cell phones. This uses separate hardware to perform the encryption on the device and is unencrypted when signing into the phone. Hardware encryption is more robust and harder to crack from its software counterpart, but that comes the cost of being more expensive.
Encryption is a must for anyone that works on the go where devices are more likely to be lost, stolen, or spied on. It makes sure that in the case of the device being lost or stolen, the data is unable to be read through any means until the password is entered into the device. Data going both in and out of the computer is also encrypted, which makes it near impossible for hackers to intercept data. In tandem with the use of a VPN and Endpoint Protection it can make devices into a digital version of Fort Knox.
At Lighthouse IT Solutions we employ Sophos Central Device Encryption to encrypt our mobile devices. It builds itself off of BitLocker, an encryption service that comes pre-installed on Windows devices, making it easier to manage and interact with. Sophos also encrypts data as soon as it is created, making sure that every bit of info is secure.
WHAT Are Firewalls?
Firewalls are one of the most essential yet basic forms of network security. They are often the first line of defense for networks both big and small. Firewalls can either be physical hardware that is installed or software that runs on a server or computer. Firewalls got their start by allowing and blocking data packets on a network but have gone well beyond that as technology has progressed. Now Firewalls can be tasked with managing most traffic that comes and goes on the network and combined with smart detection is able to register evolving threats. In addition, Firewalls are also able to block websites that are deemed undesirable and manage VPN services for a company.
Firewalls are such a staple of security for a business that most people are hard pressed for a reason not to install a firewall. We push our firewall to its limits by using it for all it's worth. It is our first line of defense against malicious code. If we are out of the office without our own computer, we are able to use the firewall's VPN to connect to our network securely. Our firewall is also tasked with web filtering to make sure employees do not go to shady sites.
Lighthouse IT uses Meraki as our firewall solution. Meraki products are solid all around and their firewalls are no exception. Their firewalls are able to provide the power and reliability that our company needs and has a well-designed dashboard for managing the entire network.
WHAT is Wireless security?
Wireless security combines parts of many different security features including encryption, schedules, and isolation. WPA stands for WiFi Protected Access and is the primary security in wireless networks. Like other forms of security, it uses encryption to disguise data as a jumbled mess. This combined with a password makes for great baseline security for home networks and a nice add-on for business class networks. Scheduled wireless is as it sounds. It allows wireless networks to be turned on and off at certain times. Isolated guest networks are another way to bolster security. What these do is they grant wireless to people who you do not want on your main network. Devices on this isolated network are not able to see or interfere what is on the main network.
All these together make for a pretty secure network. Encryption is always nearly to impossible to crack allowing data to reach its destination without being spied upon. Scheduled wireless can be used to disable wireless at certain times, making sure that when people should not be connected to WiFi, there is no WiFi to connect to. Isolated guest networks are great when people come and go, since these networks are completely separate from your main WiFi and network, despite being hosted by the same device.
THE ULTIMATE SECURE-IT CHECKLIST: STAY AHEAD OF THE SECURITY THREATS!
Protect your company's well-being. The best defense is an aggressive offence. Be active in securing your data. Passwords, networks, backups, mobile-devices, etc. are all critical places that a company cannot afford to have compromised. Follow each item and make sure you meet top security best practices.