Securing your computer network (part 2) #CyberSecMonth
Partitioning, protecting and controlling: the secrets to securing your networkInternet access has become almost indispensable in a professional context. Unsecured access to the Internet can become the source of many problems:
- Execution of malicious code
- Downloading dangerous files
- Taking control of the terminal
- Leaking sensitive data
- And many other threats.
Adopt the right reflexes to secure your network:
Dissociate the services visible from the Internet from the system:Hosting services visible on the Internet internally is a practice that requires a lot of vigilance on the part of the organization. Indeed, administrators must be able to guarantee a high level of protection. If the organization cannot do this, it can still use outsourced hosting for its services visible on the web. Internet hosting infrastructures must be physically partitioned from all other system infrastructures. It is also recommended to set up an infrastructure for interconnecting these services with the Internet to filter the flows related to these services from the entity’s other flows. These flows must imperatively pass through a reverse proxy server with many security mechanisms embedded.
Professional messaging, a channel to prioritize:Messaging is the main vector of infection in the workstation, particularly when opening attachments containing malicious code or clicking on a link that redirects to an equally malicious site. First and foremost an awareness phase must be conducted internally. In the second step, you have to verify the authenticity of the message through another channel (phone, sms …). The redirection of professional messages to a personal message is to be avoided. In terms of security this practice represents a data leak. A remote access solution to professional messaging is a good alternative against this problem. In case of hosting the email system it is important to have an antivirus scanning system to prevent the reception of infected files but also to activate TLS encryption of exchanges between email servers as well as between user workstations and hosting servers.
Remain vigilant about partner relationships:Organizations sometimes need to establish a dedicated network interconnection with a supplier or customer, especially to exchange data. These exchanges must pass through a private network or a site-to-site tunnel (Ipsec). By principle, partners cannot be considered secure and secure, so it is essential to perform IP filtering with a firewall as close as possible to the flow entries on the entity’s network. The flow matrix should be reduced if necessary for operational purposes, maintained and equipment should comply with it.
Don’t forget the physical security of the entity:Physical security mechanisms are also part of an organization’s security strategy. It is important to put in place adequate physical security measures and to continually raise awareness among users of the risks associated with circumventing rules. In addition, network outlets in public areas should be restricted or even disabled if possible to prevent intrusion. This device makes it possible to avoid any intrusion on the network. The access to server rooms and other technical rooms must be secured with secure locks and badge systems. Unaccompanied access by external service providers should be prohibited or, failing that, access should be traced and limited to strict time slots. It is important to regularly review access rights in order to identify unauthorized access or to update them (departure of an employee, change of service provider, etc.). In short, you need to know your information system in order to be able to control access to your infrastructure.
How to apply these solutions to secure your network?Securing the computer network is not easy without special skills. To act effectively, you need good methodologies and appropriate tools. Tools can be obtained easily and quickly, unlike methodologies that are more complex to address. These methodologies can be obtained through the internal training plan or with the assistance of an expert such as Tranquil IT. The first step we recommend is to contact a PASSI to carry out a complete audit of your fleet. They are classified into different categories:
- Architecture audit
- Configuration audit
- Source code audit
- Intrusion test
- Organizational and physical audit
Take advantage of our expertiseTranquil IT has 15 years of expertise in the local network security sector. We can easily help you to apply the recommendations of an Information Systems Security Audit Service Provider (PASSI). We combine our DevSecOps methodologies with a combination of tools that we master to act efficiently and securely on a fleet. We therefore use SRP (Software Restriction Policies) to establish security barriers, Samba Active Directory for user rights management and WAPT for to control your applications. The combination of these three tools allow us to guarantee the security of your IT park.
The European CyberSecurity Challenge 2018, a winning challenge?The French team quickly positioned itself in the top three on the first day of competition. Finally dethroned in the middle of the day, France was able to establish itself as a major player in the competition. The French team again took first place on the second day, the end of the competition was extremely tough and the scores were very close. Germany will finally finish first in this competition, but we can still congratulate our French team who finished second on the podium, an impressive performance for its first participation. The revenge will take place in 2019 in Romania!
The end of confinment is finally here! Discover how the team at Tranquil IT has acted and reacted following the reopening of our offices.
How has the team at Tranquil IT organized themselves to work from home?
How has Tranquil IT organized itself to work from home during this confinement period? Discover the mechanisms that help get us through this!