Image default
Guest Articles

Security Checklist for SMEs on Protecting Network Infrastructure and IP Resources

Heficed continuously invest in refining their security measures and bare-metal upgrades, relieving their clients of infrastructure maintenance duties so they can focus on their business.

The pandemic brought along a new set of challenges to deal with, such as increased phishing scams, hacking attempts, as well as novel malware. To top it off, many moved to work from home – this raised a series of questions about how to establish a secure remote workplace. While corporate businesses have sufficient resources to address the problems at hand, SMEs have to adopt a more strategic approach to keep the threats at bay. Luckily, when it comes to security, covering all the basics can provide a strong defence against threats even without having a large department of IT pros.

Know your endpoints – and secure them

Knowing all of the endpoints of the network—laptops, desktops, servers, virtual environments, etc.—helps to narrow down on weak links that could be breached and compromise the inner infrastructure.

At the moment, with the majority of the workforce working remotely, keeping track of all network access points has become even more crucial, as home desktops are typically easier for fraudsters to exploit.

Therefore, setting up secure VPNs, as well as reliable remote desktop connections, should be among the top list of priorities for SMEs. This allows to safely access the company network without any malware hitchhiking along the way.

At some point, companies need to re-evaluate their operational volume and determine if it is still beneficial to maintain their infrastructure in-house, as outsourcing could be more cost-efficient. For example, at Heficed, we continuously invest in refining our security measures and bare-metal upgrades, relieving our clients of infrastructure maintenance duties so they can focus on their business. Thus with intense scaling, the cost-benefit ratio would lean towards outsourcing. 

Educate your employees

With a currently thriving remote work culture, network security now lies as much in the hands of technology officers as it does on the rest of the company’s employees. One reckless click on an e-mail from a questionable sender could lead to a great deal of problems not limited to data theft, as an average phishing scams aim to extort around 80 thousand dollars.

Basic cybersecurity knowledge could minimize possible network breaches due to human error. This is crucial for smaller-scale businesses, which may not have dedicated ITOps working 24/7 to keep tabs on viable threats. The best way to approach this is to first survey employees to determine their current knowledge concerning cybersecurity. With an established baseline, IT representatives can prepare workshops that address the identified knowledge gap.

Encouraging colleagues to question the legitimacy of links, e-mails and other sources of information is one of the best pre-emptive measures to protect network infrastructure, and therefore should not be overlooked when seeking to identify possible weak links.

Shifting to ROAs

Transitioning to the data centre infrastructure provides better and more flexible control of IPs, especially public ones. That said, this comes with additional security aspects that need to be factored in, e.g. switching to a different IP certificate, which is a simple way SMEs can boost their network security. For those out of the loop, first, let’s discuss how are IPs validated.

Each IP address in use needs to be certified by LOA, the Letter of Authorization, or ROA, Route Origin Authorization – the digital equivalent of LOA.

Although both documents validate the ownership between the IP resource holder and the IP Address, LOAs are more commonly used. However, the latter is more susceptible to counterfeiting or malicious misuse than its digital equivalent.

Due to the fact that a Letter of Authorization is usually written in free-form (e.g. a pdf file) it is pretty easy to spoof. However, if it was digitized, it would be possible to detect any attempts to manipulate data, like change the designated IP holder, in seconds, stopping the viable threat in its tracks.

ROAs play a crucial role in terms of preventing IP hijacking, traffic misdirection, and securing the overall network integrity. Therefore, it should become a common practice, as it could better protect the entire infrastructure. 

Stay on the lookout

There will always people that want to capitalize on fear and distraction, especially during times like these. It is crucial to remain vigilant and attentive, as a significant amount of hacks are the result of recklessness and not necessarily a sophisticated targeted attack. There is no question that preventing system hacks is easier than trying to restore the damage after the fact, and by covering all the basics it should be a relatively easy task to accomplish. 

Related posts

Securing the data lifecycle key to data security and compliance

Ani Chaudhuri

How AI-powered Data Virtualization Will Drive Automation in Data Integration and Management

Ravi Shankar

AI: A Driving Force for New Enterprise IT Infrastructure Requirements

James Coomer