A security product’s marketed potential will never help protect your business if many of its security features are not configured properly, or even worse, not at all. Think about it—what benefits will the best products on the market provide if you don’t have the plan, time, staff or contracted expertise to properly implement them? In today’s market, infrastructure products come with a plethora of configurable features that help protect the network and its assets. If you pay for these features, why wouldn’t you turn them on? All too often we hear about default configurations or default credentials being used to compromise a network. Be it a homegrown, vendor-specific, or even commercial product, any time the default settings are assumed secure, you might be putting the business and the clientele at risk.
So where do we start? What can we ask of our staff and technology partners? What options can we start asking our geeks to click? Here’s a few considerations to get you started:
- Use authentication on the network.
- Implement multi-factor authentication for employees AND vendors.
- Encrypt whenever possible.
- Stop using unencrypted protocols like http and telnet.
- Accept that segmentation is your friend.
- Delete or disable all default credentials.
- Configuration housekeeping should be a priority—cleanup after yourself and others.
- Get a second or third pair of eyes to check ALL work—we all make mistakes from time to time.
If you’d like to learn more about how built-in features and basic security practices could benefit you and your company, contact your Symplexity representative for more details!