At Waytek, we do an extensive network assessment for all of our IT Managed Services customers. Many of these customers work in the areas of healthcare, finance, law or accounting and have to think of compliance as a priority when assessing their IT needs. These are some of the most common and most important questions regarding “best practices” that we see:

What is one of the top priorities for a company when assessing the network?

Every company should have a network design and backup or BDR (Backup and Disaster Recovery) solution in place. By effectively protecting your data, you will be covering most of the compliance issues you encounter. The network design is the most common priority of a network assessment. It lets the client see what the network looks like in picture form. It should be neatly structured, with the critical components included, so the client gets a clear picture of what they are viewing. It can get as granular as showing jacks on the wall with room layouts, though most clients tend to want to see how the WAN connects to the LAN at the server room and network closets.

Another priority is the backup procedure at the facility. This will allow the client to see if the proper backups are in place and running. Many times, we have seen clients who think they have a backup in place when they actually do not, or when it is continuously failing.

There are other parts of the assessment that could be a priority, depending on the vendor or client, such as Network Audit/Inventory, Domain Structure or WAN/LAN Security.

Have you identified your information security risks?

A network assessment should include identifying the information you have, especially any personal information that falls under applicable legal requirements. In addition, determine who is responsible for personal information and who collects or handles it.

Different security risks are found on a daily basis in this industry, but here are a few of the common risks:

  • Through port scans on your firewall, hackers are looking for a way into your local network.
  • Website links and email can allow viruses and malware access to machines inside your network.
  • Forced hacking is possible when an external vulnerability is found and a hacker finds a username/password combination to access an internal system.

Does your company have user policies in place?

Be careful about giving access to anyone beyond those whose sole purpose is collecting information. You should establish a password policy, account policy, and network sharing and file transmittal policy. It is imperative to establish login credentials and have proper password security, including changing passwords frequently. You should have an encrypted directory, so only key personnel can access sensitive data.

Create a written policy that outlines what is acceptable when accessing the network. Certain websites, for instance, are known to allow malware or viruses to launch from the site. Protect your network by blocking these websites and having a written policy in place so that users are aware of which websites to avoid.

Do you have the appropriate safeguards in place?

Along with password protection (the lack of which is a leading cause of data breaches), be sure to have the proper antivirus and anti-malware protection. In addition, a strong firewall is imperative to running your IT and business securely. Along with antivirus and anti-malware, you should have power protection such as UPS or Power Backup on the server, phone system and desktops. Periodically, you should plan to have a vulnerability scan of the WAN to check for potential open ports that allow hackers into a network. For the LAN, you should be sure all patches are applied, as software flaws could allow a compromise of that computer.