Security Best Practices
Securing your network is an important step to ensuring the availability of services for your organization. Listed below are four security concepts, which if implemented effectively, will help you maintain the security of your network.
- Written Policies
- Security Awareness Programs
- Security Technologies
- MOREnet Free Security Services
Written policies are important every organization. Policies should be enforceable, and follow industry standards for best practices. MOREnet recommends at a minimum you implement the following policies:
- Acceptable use
- Personal use of systems
- Privacy Expectation
- Remote Access
- System Configuration and Patching
Security Awareness Programs
Security awareness training is often overlooked by organizations. In reality, properly educated users are less likely to fall for scams that could risk your network, their privacy or their identity. Developing a baseline awareness program that once implemented is reinforced on a regular basis can save vast resources from being expended to “clean up.” Remember, a security awareness program does not need to be extensive or expensive. MOREnet may be able to provide training to users upon request.
- Two ways to enforce good security knowledge are:
- Scheduled training
- Newly employed users should attend a basic security awareness program when hired.
- Annual training reinforces user knowledge, and can be held in conjunction with security awareness activities.
- Participation in Cyber Security Awareness events and activities
- There are many sites that provide free posters, articles and activity ideas to use each October during Cyber Security Awareness Month.
All networks should deploy the following security technologies whenever possible. If you are unsure which technologies are best for your network or how to configure them, contact MOREnet Technical Support at firstname.lastname@example.org for assistance.
- Intrusion Detection/Intrusion Prevention
- Internet Content Filtering
- Filtering is available for purchase through MOREnet at a discounted price. Please see http://www.more.net/services/internet-content-filteringfor more information.
- E-mail Spam and Virus Filtering
- Filtering is available for purchase through MOREnet at a discounted price. Please see http://www.more.net/services/e-mail-virus-and-spam-filteringfor more information.
MOREnet Free Security Services
- GoodNet Neighbor 1
- This service attempts to proactively reduce the number of security incidents caused by viruses and scanning. Level One of the Good Net Neighbor Service will implement access control lists to block Windows Networking ports (TCP/UDP ports 135, 137, 138, 139 and 445). Please see http://www.more.net/services/good-net-neighbor-phase-1 for additional information.
- GoodNet Neighbor2
- This service expands on GNN1 by implementing access control lists to block outbound port 25 traffic from all systems except known, designated mail servers within your organization or network. By blocking workstations' ability to send traffic on port 25, your network will not become "spam friendly," and you will be less likely to end up on a blacklist. Please see http://www.more.net/services/good-net-neighbor-phase-2 for more information.
- Black Hole DNS
- The service works by redirecting traffic for sites that are known to be hosting malware, and provides an additional layer of security for workstations and servers. The service is very easy to use. Please see http://www.more.net/blackhole_dns for additional information.