Stable and Secure Network Infrastructure Benchmarks



Similar documents
MAXIMUM PROTECTION, MINIMUM DOWNTIME

Firewall and UTM Solutions Guide

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ ITMC TECH TIP ROB COONCE, MARCH 2008

Countering and reducing ICT security risks 1. Physical and environmental risks

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

IT Checklist. for Small Business INFORMATION TECHNOLOGY & MANAGEMENT INTRODUCTION CHECKLIST

LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan

Electronic Health Records Are You Ready?

Network and Workstation Acceptable Use Policy

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

Better protection for customers, and recurring revenue for you!

Best Practices For Department Server and Enterprise System Checklist

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

Making the leap to the cloud: IS my data private and secure?

Internet threats: steps to security for your small business

High Speed Internet - User Guide. Welcome to. your world.

INNOVATE. MSP Services Overview SVEN RADEMACHER THROUGH MOTIVATION

INFORMATION SECURITY FOR YOUR AGENCY

Malware & Botnets. Botnets

AVG AntiVirus. How does this benefit you?

RL Solutions Hosting Service Level Agreement

Data Access Request Service

Senaca Shield Presents 10 Top Tip For Small Business Cyber Security

modules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:

Telework and Remote Access Security Standard

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

Prepared For: Sample Customer Prepared by: Matt Klaus, GFI Digital Inc.

Cybersecurity Health Check At A Glance

Computer Security Maintenance Information and Self-Check Activities

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

Cyber Self Assessment

Security Policy JUNE 1, SalesNOW. Security Policy v v

Cyber Security Awareness

Proactive IT Solutions More Reliable Networks Are Our Business

Course: Information Security Management in e-governance

Mapping Your Path to the Cloud. A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software.

Windows Operating Systems. Basic Security

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

Summary of Technical Information Security for Information Systems and Services Managed by NUIT (Newcastle University IT Service)

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

INFORMATION SECURITY PROGRAM

Cyber Security Awareness

Responsible Access and Use of Information Technology Resources and Services Policy

KEEPING PATIENT INFORMATION SAFE AND SECURE IN THE CLOUD

Frequently Asked Questions

Best Practices for DanPac Express Cyber Security

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Security Management. Keeping the IT Security Administrator Busy

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses

BSHSI Security Awareness Training

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL.

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Top tips for improved network security

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

InsightCloud. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

Section 12 MUST BE COMPLETED BY: 4/22

For assistance with your computer, software or router we have supplied the following information: Tech Support , press 1

How To Protect Your Data From Being Hacked

In-House Vs. Hosted Security. 10 Reasons Why Your is More Secure in a Hosted Environment

Guardian365. Managed IT Support Services Suite

IT INFRASTRUCTURE MANAGEMENT SERVICE ADDING POWER TO YOUR NETWORKS

IT Assessment Report. Prepared by: Date: BRI Works East Main Street, Suite 200 Charlottesville VA

User's Manual. Intego Remote Management Console User's Manual Page 1

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

Supplemental IT Solutions: More Reliable Networks Are Our Business

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

Know the Risks. Protect Yourself. Protect Your Business.

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

SNAP WEBHOST SECURITY POLICY

Managed Services. Who are NCI Technologies? Full support for your IT systems and users, without the hassle or expense of an in-house IT department

MN-700 Base Station Configuration Guide

General Questions Requesting Access Client Support Downloading Issues Installation Issues Connectivity Issues...

Interactive welcome kit Charter-Business.com CB.016.fibCD.0210

ehealth Ontario EMR Connectivity Guidelines

Complete Managed Services. Proposal for managed services for the City of Tontitown

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET

Better secure IT equipment and systems

Transcription:

Last updated: March 4, 2014 Stable and Secure Network Infrastructure Benchmarks 501 Commons has developed a list of key benchmarks for maintaining a stable and secure IT Infrastructure for conducting day-to-day operations. The focus here is on the hardware, software, networking, and security. These benchmarks should be considered minimum requirement rules of thumb we have developed while serving hundreds of nonprofits. Operating outside of minimum standards increases the likelihood that an organization will face frequent system instability, security breaches, and a general lack of performance and productivity. An organization may deviate from these guidelines, but they should have well-thought-out reasons for doing so. Equipment Age Desktop computers used on a regular basis should be no more than four years old. Every laptop computer should be no more than three years old. Having current or near-current computer hardware configurations enables members of an organization to be more productive by putting more muscle, more storage, and more effective connectivity behind their computer-based processing and development tasks. Faster computers operate more smoothly and with less downtime, and also support newer and more secure operating systems. Newer computer hardware also provides a greater degree of connectivity, with faster network interfaces and fasteraccess storage hardware. Operating Systems All workstations should be using the same operating system and it should be the most recent version of that system. The newest business-grade operating systems (professional versions, not home editions) have greater levels of security, perform better, and run more efficiently, thereby increasing productivity and reducing overall risk. Network Setup Organizations with 10 or more computers should be networked in a way that allows centralized management and security and access to shared resources. Historically, this has been achieved via a client/server (domain) network. Cloud-based alternatives to in-house server equipment have been making great improvements over the past few years, sometimes reducing or negating the need for a physical on-site server. The right mix of cloud-based and on-premises infrastructure for any organization will depend on a number factors including the business applications in use, the level and quality of Internet connectivity, security profile, and tech savviness of staff and other system users.

Internet Connection High-speed Internet access is the standard for organizations, allowing for more efficient workflow, better use of online tools, and more effective sending and receiving of documents. Given the growth of the market for these services, broadband Internet access can be acquired for costs comparable to dialup services in most locations. In order to acquire high-speed Internet services, they must first be available in your area. Some remote areas do not have widely-available broadband access. In these cases, seek the fastest, most reliable Internet access in the area. When utilizing high-speed Internet service it is important to remember that while some Internet providers install firewall/router hardware for their customers, many do not. A firewall is a hardware device that protects an "internal" (your office) network from "external" (the Internet) threats. Some providers offer combo equipment that not only brings the Internet into your business, but also filters and secures the connection. Ask your Internet provider what type of equipment you are using or will be using if moving to their service if they do not provide a hardware firewall/router with your service you will need to acquire this type of security hardware yourself. Depending on the number of users, and the programs needed at your office, your organization may not be able to work effectively with a DSL connection, but would be better with a cable-based, T1 or FIOS connection. When evaluating your organization s needs, consider: The number of users you will have. Generally speaking, you should not have more than 5 users on a DSL connection. The amount of Internet-based programs your organization uses. If you use Internet-based services such as Salesforce.com, Microsoft Office 365, or other online services, you will need a faster connection to make sure you have reliable access. If your organization uses Internet based phone service, you need to have at least a T1 connection or separate connections for phone and Internet service. Firewall Organizations must have a business-grade hardware or software firewall on their Internet connection to protect systems and data from external threats. A firewall (sometimes called a router or gateway) serves as a security gate between your computers (internal) and the rest of the Internet (external.) This is important, because computer hackers routinely search the Internet for network connections that are not secure they then use these connections for their own purposes, potentially covering their tracks and possibly implicating your organization in anything malicious that they do. Aside from protecting you from random external attacks, a firewall also protects your confidential internal data from calculated intrusion attempts. If staff members access your network remotely, or if your network spans multiple offices, consider investing in a more robust, business-grade firewall solution that can also scan for viruses and other threats. You may also wish to consider investing in a firewall that offers secure remote Virtual Private Networking (VPN) connections to your office. VPN is an industry-standard access protocol used to allow remote users secure, private access to an internal network and its resources.

Wireless Access Any network providing wireless Internet access must have security implemented to limit access. It is vital to implement basic security protections on a wireless network at your organization. Most WLAN hardware has become easy enough to set up that many nonprofits simply plug it in and start using the network without giving much thought to security. Securing your wireless network by implementing Wi-Fi Protected Access (WPA) security protocols is an important next step. WPA will require encryption keys before allowing access to your wireless network. To provide even more protection consider implementing additional security measures as appropriate. Information Backup Adequate backup systems should be in place and checked periodically. It is important that your organization's information (data, files, etc.) be backed-up onto removable media on a regular basis and tested for validity. Financial data, personal documents, company files, and other information needs to be stored on removable media and regularly taken off-site to a safe location for disaster recovery purposes. Invest in a trusted backup system (external hard drives, tape drives, online backup solutions, etc.) and implement it as soon as possible. In the event that a hard drive fails, a weather emergency occurs, or theft of data occurs, without proper backups of your organization s information it is likely you will forever lose data important to your business. It is of key importance for any organization to ensure that critical information is backed up, but it is equally important that backups are tested to ensure that a restore can be performed. If data is lost due to weather, theft, or hardware failure, without tested and working backups of the information it is likely you will never regain that data. Restoration tests verify that backed-up information is in fact ready and available in the event that a non-test file restore has to be performed. Virus and Malware Protection All computers must be protected by antivirus software. Institute a process for updating your virus definitions on a regular basis. Train all staff members on the nature and severity of threats to your organization posed by viruses, spam, and phishing attempts. New viruses are appearing more and more frequently, so anti-virus software needs to be updated frequently for it to be effective. Many virus protection software programs have administrative features that will auto-update the software definitions at scheduled intervals while you are connected to the Internet. You can avoid many computer viruses if your staff is trained on protocols for opening email attachments and scanning removable disks (such as USB drives). Because you can only be protected from viruses if everyone on your staff practices good virus protection habits, it s important that all staff members understand how to avoid viruses. Equally important is instituting some level of anti-spam protection. Whether filtering email coming from an external email provider or a locally installed application on your own managed email server, antispam software is essential for preventing most virus-laden messages from ever arriving in your Inbox. phishing is a term used for email, website, or instant messaging (online chat) solicitations that are sent with the intention of getting the recipient to reveal personal information which the sender can then use

for exploitative purposes. Phishing can sometimes be related to the more commonly known spam type of email messages, and can be a bit trickier to detect since these messages often appear to be from reputable or well-known financial institutions with which the recipient may have a relationship. Remember that banks, credit unions, credit card companies, online safe-pay and shopping sites, government agencies, etc. will never ask you to submit, verify, or change your private account or password information via an email or instant message. Secure Internet Browsing All desktop computers and laptops should be using current browser software that has been patched to protect against pop-ups and malware. Data Security Strong (hard to guess) password policies must be enforced for access to computers and network resources. Document rules and insist that all users utilize passwords to access company resources. Passwords are the keys used to access your computers and networking systems. Establishing guidelines for the selection and safeguarding of passwords by staff will provide an important barrier against unauthorized access. The number of quality password cracking (guessing and breaking) tools and hacking methods continue to increase. Due to the interconnected nature of most computer networks, access to even one computer can mean access to all machines. Careful attention must be paid by all users to the creation of strong passwords (passwords that are difficult to guess or crack). Following standard practices can reduce the risk of unauthorized access by limiting loopholes and oversights. Documentation The organization must have adequate documentation about the technology infrastructure in print and electronic forms, stored where it can be easily found, to maintain or modify. The best way to establish self-sufficiency and aid in the maintenance and troubleshooting of any network is to have accurate and up-to-date documentation for all your hardware and software. Any and all information related to hardware setup, warranties, software configuration, Internet connectivity, email accounts, and tech support information should be written down and stored in a network notebook. This documentation is especially valuable for an organization without an internal technical person as it can aid staff's work when engaging with a consultant or volunteer support person. Writing down all warranty, service accounts, account numbers and serial numbers in one location can be a very valuable tool in maintaining the technology in your organization. Also make sure you keep your information about your website, including your domain registration information and account names and passwords, somewhere internal and not just with the person who developed your website. Tech Support Organization should have someone who regularly administers the IT Infrastructure and attends to technology needs. Nearly all nonprofit organizations require some type of computer support not just to troubleshoot and resolve issues but also for ongoing administration and pro-active maintenance of technology resources

and hardware. The amount of time that is necessary for administration will vary depending on the type of network, the software and services in use, and the number of users accessing resources. If your organization has a basic computer network (two or more computers) you will likely need access to some sort of technology support along the way, whether an internal staff person with at least basic technical skills or an external technical support provider. Generally an external consultant would be used for more complicated and advanced administration issues. Physical Security Important equipment must be physically secured from unauthorized access and theft. Passwords should be implemented on all computers to prevent unauthorized access. Servers, firewalls, switches, Internet modems, and patch panels constitute the backbone of most networks. This equipment, when configured and installed correctly, is designed to control and facilitate the flow of data traffic within your network, to user's computers, and to/from the Internet. By securing these important devices, either by locking them in secure data closets, cabinets, or racks, or by placing them in physically unreachable areas (in a ceiling, for example), you are helping to ensure that none of this vital equipment is tampered with or stolen. Laptop computers and other small, portable devices should also be secured. Your organization can purchase locks that will attach them to their desk, or they can be secured by locking them in a drawer or closet. Equipment Protection All equipment needs to be protected from power surges, electrical interference, and high temperatures. Computers and servers, as well as print devices and networking equipment, need to be protected from common power issues like surges, spikes, and power outages. Servers, by their very nature, are more important to your organization than general workstations or laptops. It is because of this that a business-grade, charged, and working uninterruptable power supply (UPS) with administrative software installed and running is recommended for all servers. If your organization is housing servers and network equipment in a secured room, make sure that it has proper cooling and ventilation, as they heat up quickly and high temperatures can damage this equipment.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information