technology

Is Your Corporate Network Being Properly Managed?
by

Is Your Corporate Network Being Properly Managed?

 Whether your network is under a cybercrime investigation or not, it’s important to take the time to properly assess the management of your network. At a base level, this is done by reviewing the network diagrams to see if it’s current and accurately reflects the network layout and interconnections. It also includes reviewing the configuration of computers, and how they’re connected to the network, how and where servers are installed, configured and maintained, and how Wi-Fi is deployed and configured. In this article, our team of IT professionals in NJ will go over in more detail how to assess the management of your corporate network. 

Review Network Diagrams 

Network diagrams are critical in assisting IT technicians during network outages, emergencies, and disasters. These diagrams also keep IT staff updated on the size, growth and location of the network. Non-existent or inaccurate network diagrams can cause technicians to miss critical portions of their IT infrastructure, especially when new devices are implemented. Proper documentation for network diagrams should include the layout of the entire network, location of all devices, identification of all the VLANs, and IP address schemes across the entire infrastructure. It should also list the Internet providers names, IP address configurations for external networks, and or contact information, so your IT team can quickly contact the telecom providers and technical support team when needed.

Server and WiFi Configuration and Use

It’s essential to review the installation, configuration and maintenance of the computers and installed software products. How IT technicians deploy and use their computers can tell you a lot about the management of your network. If wires are strewn along the floor and not wired through walls; if virus mitigation is not installed or kept updated; if operating system updates are not performed on a specific schedule; these might be indications that their work ethic, confidence and professionalism are lacking. When we see computers deployed with no regard for their configuration on the network, it’s often a sign of inadequate security knowledge or diligence. Remember, computers and end users are often the initial targets of ransomware or network intrusions because they are the weak links! 

On top of server management, it’s also important to check if there are any Wi-Fi devices installed and configured on the network. These devices are often used to extend the network to locations in a building that are difficult or impossible to wire. It’s often used to provide guests with free Wi-Fi, but how the Wi-Fi is deployed needs to be reviewed. In short, corporate Wi-Fi must be on the inside corporate network, locked down with strong encryption, and protected with a complex password. The free public Wi-Fi, on the other hand, must be on its own external network or VLAN and not deployed on your internal network. If the public Wi-Fi is deployed on the internal portion of your corporate network, which we see many times, this would allow hackers to sit outside your building, access the public Wi-Fi and gain access to the internal, sensitive parts of your company network, bypassing the firewall.

Properly Manage Your Corporate Network with Competent IT Support in NJ

Reviewing all these areas can provide an overview of how your network is deployed, secured, and managed. Without proper documentation to rely on, an IT team cannot react appropriately and timely to network delays, outages, and other serious cybersecurity issues like a hacker trying to dismantle your business! If you need a thorough assessment of how your network is managed, and to perhaps create new documentation to ensure everyone is using their corporate devices appropriately, please give Network Security Group a call today. Our IT support team can review and make expert recommendations to your current network diagrams or create brand new documentation that ensures your company network is operating efficiently and safely. 

To learn more about our managed IT services for corporate businesses in NJ, please visit us at: 

https://www.nsgi.com

*This article includes excerpts from “Pocket Guide for Investigating Ransomware and Network Intrusions” written by John Lucich, the Founder and CEO of Network Security Group, Inc and eForensix

This blog was originally  published at https://www.nsgi.com/is-your-corporate-network-being-properly-managed/

What Computer Policies are Essential for my Employees?
by

What Computer Policies are Essential for my Employees?

 Policies are rules set forth by your company on what your people can do and what they are absolutely prohibited from doing in the workplace. Policies are made for all areas of corporate life, but they are especially important for identifying how your employees can use your company’s technology, including your corporate network and computers. There are computer policies that are standard for each company, but there are also different policies based on a company’s unique and specific needs. Which means we don’t recommend having your HR Director just download a set of generic policies from the internet and implement them the following day. Yes, NSGi will give you a solid place to start, However, we highly recommend you review and update the policies below to better suit your network security needs

  1. An “Acceptable use” policy provides the criteria for giving an employee the use of a computer and informing them of its acceptable uses. The policy must be clear that employees are provided access to a computer, and this resource has to be used for their employment duties.
  2. Internet use policy provides the criteria for giving an employee access to the Internet, and should clearly state that corporate technology must not be used for personal reasons, such as shopping, social media, browsing inappropriate sites and more. Some companies allow and state in their policy that a certain percentage of the employees time during work hours may be used for personal online interests. We believe that this is a slippery slope and can create unintended consequences. How do you prove or disprove the time spent on personal Internet usage, as it may be subjective? Additionally, employees increase the risk of infection and intrusion through this type of non-work related activity.
  3. Email account policy provides the criteria for giving an employee an email account; identifying the limitations and use of the account; precautions they must take to ensure they don’t send confidential information or click on potential malware and ransomware; as well as notices of account monitoring by management.
  4. User account policy provides the criteria for giving an employee a network account and identifying the limitations and use of their account. Your HR Director should have a direct line of communication with your dedicated IT support team to request new accounts and the disabling or termination of past user accounts.
  5. Remote access policy provides the criteria for offering an employee remote access to the network, which enables them to work from home, and while traveling. This policy must also state the process for requesting remote access, who is authorized to approve each request, and the process and security protocols required to implement the remote access securely.
  6. Information protection policy defines confidential data, HIPAA data, and PII (personally identifiable information), depending on your industry. This policy needs to stress that each type of data has its own requirements and legal consequences for violations.
  7. Firewall management policy is specific to network technicians. It identifies who suggests and approves the rules configured in the firewall, and the process they must follow to implement the firewall rules. Many IT technicians are told by third-party vendors that they must open ports on the firewall to allow access to the vendor’s on site server. That’s why there must be a clause within this policy to identify and weigh the security risks and ramifications.

Protect Your Corporate Network with Our IT Support Company in NJ

We cannot stress this enough: computer policies should be exclusive to each company and must be well thought out. Yes, there are many policies that other corporations use, which may also be useful for yours, but they should be reviewed and updated as needed. If you need help reviewing and implementing new computer policies for your team, please give Network Security Group a call today. One of the first things we do for new clients is perform a comprehensive assessment of your network, in order to make the best security recommendations possible. This often includes instilling new computer policies and end user awareness training for all of your employees, thus ensuring everyone is using company computers, safely and securely.

To learn more about NSGi’s managed IT services and how our user awareness training can help protect your business network, visit our website at https://www.nsgi.com/

This blog was originally published at: https://www.nsgi.com/what-computer-policies-are-essential-for-my-employees/