Network Protection

Learn about general ways to protect an organization's network, including safeguarding its Wi-Fi access and using cloud services carefully.

Overview

A network can be thought of as the circulatory system of an organization as it provides connectivity and communication in the following ways:

  • Email

  • Connectivity to printers and scanners

  • Access to data repositories and cloud-based apps

  • Instant messenger and chat

  • Streaming music

  • Voice over IP (VoIP)

  • Web browsing

Although a network provides a conduit for legitimate activity, it’s also the same system that attackers can leverage to:

  • Monitor activity

  • Exfiltrate sensitive data

  • Install backdoors and other malware

Therefore, the network’s security is paramount.

Providing Wi-Fi access

The organization may offer Wi-Fi to provide internet connectivity for employee’s mobile devices. A recommended way to provide this Wi-Fi service is to have two separate networks:

  • One for production access

  • One for guests and personal use

While the production network should be monitored, we may not want to monitor the guest network. This is because there may be activities that the organization doesn’t want to be liable for. If this network isn’t monitored, the organization has plausible deniability if malicious, inappropriate, or illegal activity is discovered to have been performed by someone utilizing the network.

Caution when relying on cloud service providers

Organizations increasingly depend on cloud service providers for the following services:

  • File and data storage

  • Software as a service (SaaS)

  • Computational power

There are many more examples. Yet, this means using and relying on networks that are out of the organization’s direct control. Trust has to be extended to these providers. The challenge is taking advantage of everything the cloud provides without increasing the risk to the organization or expanding its attack surface. The importance of performing a thorough review of agreements with cloud service providers can’t be overstated.

Get hands-on with 1400+ tech skills courses.