Network Security: Recommended Guidelines for Signet Technologies Customers
Network security is a serious matter. Check out the following links for more information.
A Comprehensive Risk Management Guide on Symantec's site.
Symantec Security Risk Management
Statistics say that 50% of break-ins are from internal
sources.
This makes your network vulnerable to inside risk, whether intentional or not.
Look on Symantec's site for related information concerning security risks at Symantec's
Enterprise Security News page.
In General, access to all
system resources should be limited to system administrators.
Access Granted by Categories:
Users:
Individual users only need access to their private information and any shared, or group access information and should be restricted to such.
Typically, users have access to their own, private share, a shared folder which is available to all users, and a group, or number of group shares based on projects, work groups, etc.
Managers:
In addition to all access granted to individual users, managers should be granted access to their departmental shares for monitoring company usage and policy governing it. This includes any direct subordinates’ private share.
Administrators/Supervisors:
Administrators need access to the entire network resource tree in order to maintain and configure network resources. Their supervisors need that same access to be able to monitor the functionality of their administrators.
This of course assumes that supervisors are qualified to use and manipulate those resources.
Printers:
Only those users, or groups of users assigned to use specific printers should be granted access to them.
Remote Access:
Fire-walls
General rules: Block everything, accept only certain things.
VPN
Allow individuals access to shares according to their needs. This can be configured on a per user login basis and on a per network peer basis.
RAS
Remote access servers can be very dangerous. Phone numbers are not as secure as some other network access devices, eg. VPN gateways, etc. For this reason alone, RAS should be carefully thought out and access granted on a per user basis with adequate authentication in place.
Disclaimer:
Security is the sole responsibility of our clients and the system owner.
As part of our service portfolio, Signet Technologies may recommend various security
policies as a general guide and recognizes that even the most secure policies
may still have vulnerabilities.
ON
LINE EXCHANGE MAKES NO WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
LIMITED TO, THOSE OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. THIS INCLUDES LOSS OF DATA RESULTING FROM
DELAYS, NONDELIVERIES, MISDELIVERIES OR SERVICE INTERRUPTION HOWEVER CAUSED OR
USE OF INFORMATION OBTAINED THROUGH ITS SERVICES.
If you have questions regarding your network security, please call us at 313-961-7100