Network security is a serious matter. A network allows you to share information and resources, but it also lets computer viruses, human intruders, or even disgruntled employees do far more damage than they could on a single machine. Think about what would happen if every bit of data on your local area network (LAN) vanished, and you’ll understand why security is so important.
Here is a brief list of security measures to think about when you’re installing a LAN:
- Virtual data still requires physical security. This could mean keeping your server in a locked room, removing disk drives from workstations that don’t need them, and installing an alarm system in your office. All the security software in the world won’t stop someone from breaking into your office and carting off your computers.
- Beware of bugs. Most computer viruses are just a nuisance, but it takes only one malevolent virus to bring your network to its knees. Install reliable antivirus software, keep it updated, and train your employees to use it. Think about other protective measures, such as installing only shrink-wrapped commercial software on your computers.
- Network security is a daily job. Stay on top of changes that could affect the security of your LAN. Keep your operating system updated with the latest security patches and bug fixes. Assign access to directories and other network resources on a need-to-have basis, and remove a user’s account immediately when they leave your company. Use network logging and security tests to check your network for security holes and possible break-ins.
- Pay attention to passwords. One bad password can compromise your entire network. Avoid passwords that contain dictionary words or personal information, and require users to change their passwords regularly. When an employee leaves the company, disable their password immediately as part of the termination process.
- Don’t let trouble come calling. Take special precautions if you connect your LAN to the outside world through a dial-up modem or a dedicated Internet connection. Protect against dial-up attacks by using encrypted passwords or callback modems, which allow access only from recognized phone numbers.
- Install a firewall. If you connect your LAN directly to the Internet, configure a firewall to screen both incoming and outgoing traffic. A software firewall like Zone Labs ZoneAlarm will also protect your network against malicious applications known as Trojan horses that let intruders enter and take over your computer system.