We recently worked with a bookkeeping firm in Central California that called us after a weekend attack. A hacker had gained access to the network and downloaded some private company data. Their problem was one we see all too often; not only were they trying to recover from the event, they were left asking how it happened in the first place. “What do we do now?” was their primary question. Our answer was simple: let’s evaluate your network, make it stronger, and work to never let this happen again. Thankfully there was no permanent damage done, and client information was not compromised. But they wisely recognized that it was just a matter of time until this happened again if they left their network unprotected. Our team quickly got to work.
As our client learned the hard way, securing your network has never been more important. Why? Because would-be hackers have an ever-expanding set of tools and tactics they use to try to gain access to data and information they shouldn’t have. And attacks will only get worse as hackers find sophisticated new ways to access networks. [1]
Guarding against this type of activity is a never-ending process, and remaining vigilant is key to thwarting attacks. If your financial services organization doesn’t have a true network security strategy in place, then you are playing with fire. So what’s the key to fortifying your infrastructure to keep client and company data safe and sound? It all starts with a network assessment.
A baseline assessment sets the course for the future
Whether you are a bookkeeper or bank, CPA or venture capitalist, knowing the status of your network now is the first line of defense. Believe it or not, network security isn’t just about firewalls and passwords. It’s also about understanding what assets you have, areas you can improve, and what power your network currently offers. Your next network assessment should uncover the following five things, each of which plays a critical role in keeping your organization’s IT footprint protected, so you can focus on running a successful business.
- Known vulnerabilities – The first thing we look for during a network assessment is areas of potential intrusion. You might be surprised at how many organizations are essentially inviting hackers to access the network through unmanaged ports and unsecured access points. Your next network assessment should map out every way that anyone, employee or otherwise, can access the network. It should then determine how well each of these entry points is fortified against someone accessing it without a password or proper authorization. Your assessment should also find any unpatched software. Software that has not been updated is an open door to hackers, offering frequently exploited vulnerabilities.
- Areas of potential improvement – One of the things I love most about performing network assessments is the chance to share areas of improvement with clients. Letting a bank know, for example, that they aren’t utilizing the deep analytics feature of an application or that an increase to network throughput would result in faster transactions for clients often leads to a chance to work together to improve the entire network. If an assessment begins by showing where the client currently is, then the end result is about where we can go together. A successful network assessment should uncover places where your organization can improve in short order, from discovering outdated hardware to finding bottlenecks between departments.
- License utilization and accountability – Missing patches on software can certainly cause problems from a security perspective, but that’s not the only benefit of taking a close look at your software in an assessment. What about the licenses you aren’t using but are still paying for? What about when your software vendors send an invoice at the end of the year and your bill is much higher than you anticipated? A network assessment will uncover which licenses are in use and which can be shut down, giving you not just cost savings, but also total control over your environment.
- Network diagnostics – A proper network assessment will determine things like how much bandwidth you have in the network, your storage capacity for data and files, and, perhaps most importantly, the rate at which your disaster recovery solution can be deployed. In the event of an interruption or hack, your network throughput will directly contribute to your ability to recover data and get operational again. Your assessment should uncover this information so you can know what to expect should you have to react to the unexpected.
- Asset auditing – Far too often we respond to calls from businesses that have been hacked through a device they didn’t even realize was part of the network. A WiFi router without password protection in a remote office. A network jack left active in a public area like a client waiting room. Desktop computers that don’t automatically lock after a minute of inactivity. An asset audit will show exactly what hardware is part of your infrastructure and how it all ties together, which can provide a great starting point for your next hardware refresh plan. From a security perspective, knowing what devices are connected and how they can be accessed gives you the knowledge you need to shut down rogue points of entry.
In the end, a successful security and network assessment for your financial services organization is about learning and improving. It’s about figuring out where potential bad actors might take advantage of you, and fortifying walls to keep that from happening. But doing this once isn’t enough, not by a long shot. You need a partner on your side that provides ongoing support for your network, a partner like DiamondIT, that constantly looks for ways to keep you safe and make your organization better through technology. A comprehensive network and security assessment means safety, security, and a path forward for the future.
[1] http://www.businessinsider.com/afp-cyberattacks-to-worsen-in-2015-mcafee-researchers-2014-12