IT Consulting Network Consulting - Philadelphia Conshohocken Delaware Valley PA USA
IT Consulting - A Plan to Manage Your Network
At Info Packaging, we specialize in secure and reliable computer networking
for Small to Mid-Sized businesses.
We believe that business computer networks should be managed with an overall
plan, rather than simply fixing what's broken and adding new machines for new
employees.
There are two main areas which we believe are critical:
1. Network Availability, and
2. Information Security.
To achieve these goals, these are the steps we implement:
Firewall - If you are connected to the internet, you need a firewall,
period. If you have remote users, you also need RAS (dial-up) or VPN (internet).
The firewall software or firmware should be kept up to date with the latest
version and patches. We also make sure that your computers are "invisible"
to outside intruders, through Network Address Translation.
Anti-Virus - by now, almost every individual and company has experienced
the frustration and expense which accompanies virus infections (and this despite
having purchased and installed anti-virus protection). Anti-virus software
should be automatic, updated hourly, and not capable of being turned off.
It should be installed on the servers, as well as all desktops. We recommend
Inoculate IT from Computer Associates, which is what we use to protect our
own networks.
Data BackUp/Integrity -
data backups are business critical should it become necessary to restore from
them. Not only servers but desktops, too (the CEO's and CFO's, for example),
should be included in the daily routine. BackUps need to be automatic, verified,
stored off-site, and rotated properly so that if the last good data is
from two weeks ago, you have that data available from which to restore. We
also recommend periodically "ghosting" critical machines so they
can easily be re-created exactly in case of failure or loss.
Acceptable Usage Policies - your network users need to know your
company's policies regarding personal use of email, personal web surfing,
floppy disks, software, directory access, and related matters. You need to document
this training, and be sure that all temporaries, consultants, and new hires
also study and sign off on your policies.
UPS - Every device that is critical, or contains critical information,
should be powered through an uninterruptible power supply.
Internal Risk Assessment - the areas of concern include communication
services, operating systems, key applications, and routers. We scan for weak
or missing passwords, deactivated logging functions, ineffective permissions
and policies, Trojans, and other vulnerabilities known to be used by external
and internal threats to your network.
Software Patches and Updates - every day, dozens of software security
flaws are discovered, and patches developed. All software should be examined
to be sure that the most up to date, tested versions are installed. This should
be verified on a regular basis.
Once the above are accomplished, you have achieved a reasonably secure network,
ensuring Network Availability and Information Security.
To move to the next level of organizational maturity, you need to conduct an
Organizational Risk Assessment. Other than the solid foundation that
every organization requires, the real first step in managing risk is to understand
what your risks are in relation to your organization's mission and its key assets.
A comprehensive risk evaluation should strive to include every asset, threat,
and vulnerability to the information and systems of the organization, and to
rank them according to the damage a failure could cause.
(A very strong case
can be made for this to be the first step an organization takes in beginning
to manage network risk, but this can be a time-consuming operation, and delaying
the above steps until after the assessment is completed could be unwise.)
The results of your Organizational Risk Assessment will lead to your own plans
for Emergency Response and Disaster Recovery:
Emergency Response - does your company have a plan for responding
to network emergencies? If your mail server is being used to mount a DDoS attack
against another network, what will you do? If your email client suddenly starts
sending the same message to every contact on your server, how do you respond?
Are your responses practiced, as with fire drills?
Disaster Recovery - what are your plans to recover from an act of God or nature,
such as a fire or electrical surge? Will you handle everything internally, or call
upon outsourced assistance? Are you sure that your mission critical assets will be
available from which to restore? What will you do for phone service, short term
financing, postal service? Will your associates work from home offices while the
recovery takes place?
Other items to consider in light of today's environment include:
Content Inspection - are your employees using company email and internet
service to look for jobs, shop online, check their stocks, send off-color
jokes? You should control this situation, instead of just hoping it doesn't
cause any problems.
Intrusion Detection - if your network is attacked or compromised
by hackers, how will you know it? Investing in the proper software and installation
and configuration will allow you to manage this, instead of reacting to it.
Managed Services - do you have critical servers or services which
have to be available at nights or on weekends? Is your network getting so
large that your IT staff can't keep up with the day to day maintenance and
predictive analysis? You might want to consider "managed services",
where software agents report in real time on the health of your hardware and software,
and certified Network Engineers monitor your systems 24 x 7, assuring maximum
uptime and availability every hour of every day of the year.
Document Management - are your critical paper documents securely
protected? Who has rights to access them? Are some so important that they
should be duplicated and stored securely off-site, too? Are fire-proof file
cabinets required? Have you included "Proprietary Notices" and Copyright
protection where necessary? Are non-compete and non-disclosure agreements in
place? (This is not part of our work, but mentioned here for completeness.)
Insurance Coverage - are you covered for business interruption? Computer
theft? Flood losses? This is another area which needs to be analyzed. (Again,
mentioned for completeness.)
Secure email - In the coming months, companies will become more and
more concerned about the security of their email messages, which can wander
around the internet and be intercepted accidentally or intentionally by third
parties. How secure is your email?
Trash shredding - if you don't do it, you should. (This backdoor
exists in almost every organization; shame on all of us.)
And that is what we do at Information Packaging Unlimited.
It might be that your existing networking support company serves some, or most,
of the secure networking needs listed above, and we can help you "close
the information security loop" by working in partnership with them.