One of the most popular posts on the GFI Software blog has always been The Ultimate Network Security Checklist from back in February 2012. Many readers asked us to update it to better reflect the current security world, so this month we launched a new version of the checklist.
Security administrators will definitely find this checklist useful, and if you’re tasked with network security--whether you’re a one-man show or part of a security team--the checklist will give you a solid foundation of the areas you need to tackle.
The document includes specific settings or recommended practices to secure your environment against threats. Of course, no two networks are the same, so you will need to tweak the checklist to best suit your environment--keeping in mind things such as business requirements, regulatory obligations, local laws and other factors that might influence your company’s needs.
The list starts with user accounts because your users are probably your weakest link and you need to cover all your bases, from training to account management. Next, the checklist covers policies, which must be created and then made official by the company to hold any weight. Policies give you a good foundation for when users come up with unusual requests.
Provisioning your servers is next on the list. That is where your company’s most valuable asset is: your data! Create a server deployment checklist, and make sure that each server you deploy complies 100% before it goes into production.
When it comes to your workstations, make sure they, too, are as secure as possible. Keep an updated workstation list, complete with the assigned user. Keep workstations up to date when it comes to patching, and secured with the latest antivirus definitions. Consider using host intrusion prevention, and, when it comes to remote access, pick one method and stick with it.
Next, the list goes into some recommendations for your network equipment, which is also critical to secure and maintain.
The checklist also focuses on vulnerability scanning, backups, remote access and wireless networking. It then talks about the importance of keeping both email systems and Internet access secure, and gives recommendations about how this can be done.
Finally, it tackles fileshares and log correlation, and concludes with the importance of a central form of time management.
This little introduction really doesn’t do it any justice. To read the full network security checklist, click here, or if you would prefer it in a PDF version for easier reading, printing and reference, you can download it here.
Melanie Hart is Digital Content Specialist/Editor at GFI Software. An eager blogger, fiery tweeter and avid reader, Melanie is a self-confessed geek who finds solace in online FPS games.