Many large companies, governments, militaries, etc. hire teams of top notch security personnel to provide continuing evaluation and guidance to keep their organization as secure as possible. But, what about the small to medium size companies where there may be only a small team of administrators, engineers, etc. who take care of everything in an environment? Or those smaller offices who have no local technical support. From a small doctor office to a larger mortgage company, how can offices such as these who utilize sensitive data help keep their local computer network secure?
Office 365 offers some of the most advanced security options available, but what about the local office network where that cloud data may be accessed from? This blog provides some practical concepts about how small to medium size organizations can take advantage of the large organization approach to security and make it their own, in a scaled down approach. Below is general information about how the Microsoft Cloud provides bleeding edge security services in the cloud, but also areas to consider to protect a small to mid-size company local network. It is my hope the topics below will help inspire small office environments to review and enhance their local network security.
Security in the Microsoft Cloud
With over 100 million Microsoft Office 365 active users reported as of June 2017 there is a very good chance you are reading this article and either already using Office 365 in some capacity or are seriously considering it. The Microsoft Cloud is extremely scalable and used by small to large companies throughout the world, along with governments and militaries. The Microsoft ecosystem of products, while already mature, are continuing to evolve in both feature sets and security. It is an environment like this that I want companies that hold my personal information to consider using.
Microsoft does a fantastic job in explaining the security capabilities offered in its cloud as well as how they are constantly keeping it secure. Since the focus of this article is about an approach to help secure local office network security, I am providing this link to review information about Office 365 Security and Microsoft 365.
Network Security in a Small to Medium Size Office
While the Microsoft cloud uses cutting edge security technology, organizations also need to be concerned with their local environments where network attacks are likely to happen. Below are several key areas to consider to increase local network security.
Microsoft Windows 10
Using the latest operating system throughout a company network is as important as ever. With the release of Windows 10 in September of 2014, Microsoft launched the most capable and secure operating system ever. As an example, it was evaluated by some of the top security personnel at the United States Department of Defense who quickly mandated a rapid deployment of the operating system to boost cyber security.
For the small to medium size companies without the team of security analysts, I recommend they follow the actions from large organizations to help increase their own security posture. Having even just a few pockets of older systems running Windows XP, Windows 7, Windows 8.1 will continue to leave a network susceptible to vulnerabilities. All systems should be upgraded to the latest Windows 10 operating system and configured to automatically receive and install updates.
Antivirus software today no longer scans for just viruses, but also monitors for malware, ransomware, spyware and a host of other threats. Included with Microsoft Windows 10 is Windows Defender (part of the Microsoft Security Suite) that has proven to be a very capable scanning product when compared to a host of other products in the market. Scanning for threats on local desktops and laptops continues to be an important part of a comprehensive security approach. If your office does not already have an antivirus solution being used from companies such as Symantec, McAfee, Sophos, etc. be sure that Windows Defender is enabled and is always updated with the latest scanning definitions (part of Windows 10 updates). More information on Windows Defender is available in this link.
Host Firewall Configuration
When people think of network firewalls, they often think of the perimeter device placed between the Internet and a company network. While this firewall is critically important to have in place and properly configured, so too is a software firewall on a desktop computer, laptop, etc. Remember, firewalls keep out unwanted network traffic, allowing only the network ports needed by applications that are specifically configured by an experienced network administrator.
Windows 10 (and previous versions) has an included software based Windows Firewall enabled by default with protection rules already in place. Ideally, the Windows Firewall should be left enabled and new rules created based only on a specific need. Software firewalls are also available from security companies such as Symantec and McAfee. Whichever manufacturer is chosen to provide this service, it is important to understand how important this part of an overall security strategy is and why a host firewall must always be enabled on laptops and desktops. The less firewall rule exceptions created, the more secure an environment will remain.
One of the biggest recommendations advised today to increase an organization's security posture is to keep all operating systems and applications updated. Remember, when a security patch for Windows is released, for example, you are being told that a vulnerability was found and there is a patch to correct it. At the same time, someone with a malicious intent is also being told of the vulnerability that can then be exploited. It is therefore critical to apply updates as quickly as possible as soon as they are released.
In addition to operating system updates, applying updates to antivirus/antimalware scanning solutions and any other device that can hold company data is also important. This includes smartphone operating system updates from Apple and Google. Operating Systems from these two companies are used by 95% of smartphones today to read your company email, review your company documents, etc. It is important these devices are also stay updated.
Perimeter Office Network Protection
Years ago a router and firewall were the two common components used to protect perimeter environments. Then came devices from companies like SonicWALL and WatchGuard offering the same routing and firewall capabilities combined with enhanced scanning capabilities. Protecting the perimeter of an organizations network is as important as ever today for small to larger offices. Fortunately, the devices from SonicWALL, WatchGuard, and others offer enterprise grade protection for much smaller offices at a fraction of the cost. These devices scan every network packet coming into and leaving your network - including those that are encrypted. These services from SonicWALL and WatchGuard scan for malware, ransomware, botnets, viruses, etc. They are also intrusion detection/protection devices that are constantly monitoring and preventing external attacks from reaching your internal network. Recently publicized ransomware attacks are thwarted by these devices as they also monitor for those trying to exploit newly discovered vulnerabilities for systems that are not updated with the latest patches.
Many of these network scanning devices require annual subscriptions from the manufacturers to keep these units updated and scanning for the latest attacks. Without an active subscription, the effectiveness of these devices can be diminished as attack vectors evolve over the years. Enabling these scanning services typically do not introduce additional network delays. While the setup of these devices is fairly straight forward for an experienced technician, a small office will want to consider having a technical consultant perform the setup as well as help in the decision process into what sized unit and from which manufacturer to purchase.
Network security is not a goal line that is crossed, but rather is a constant review of new threat vectors, detection/protection technologies and security posture enhancements. The ideas suggested in this blog may be used by small to mid-size company technical staff to help further secure their office environment. Microsoft Office 365 offers bleeding edge security capabilities, but never overlook the need for local network security as well. For environments with very limited technical personnel, consider engaging with a technical consulting company for a security evaluation of your network. Use this article as a guide to ask questions. Never assume a company is too small to be a target of malicious activity.