Introduction
Have you just gotten a network survey done and found that your Fort Knox is more
of an Open House? Did you already know that you are playing fast and loose but
had no idea how fast and how loose? Well, you can make your network reliable and
secure, starting at the perimeter (firewall) and working your way inwards. And you
can resolve your worst networking problems, the same way they built the pyramids,
one brick at a time. And remember, if it is not automated, it simply will not happen.

1. Secure the perimeter
Securing the perimeter with a good, deep packet inspection firewall is the easiest
and most broadly effective step you can take. Just a few years ago, firewalls were
very simple devices that simply scanned the headers of data packets (well under one
percent by “volume” of data). They simply verified that a request for a certain page
was valid and that the response to that request came from the intended target. No
attention was paid to the 99 percent of each packet that was the actual data stream.

With everything from viruses to attacks against browser flaws in that data stream,
you need more from your firewall these days. You need a device that does deep
packet inspection, a device that has the ability to recognize and control specific
traffic (i.e., instant messaging or streaming video). You need a “unified threat
management” or UTM device, one that can also provide secure remote access and
wireless capabilities. Ask NSI about easy and affordable UTM Firewall products.

2. Setup Network Antivirus
The need for reliable network antivirus software is not news. But antivirus threats
have grown tremendously in sophistication over the past few years. We still very
commonly see sites running a mix of three or four different, unmanaged products on
their desktops (or worse, nothing at all). That which you cannot automate does not
get done. And that which you cannot get reports on, you will not even know is not
getting done. Ask NSI about managed network antivirus for your business.

3. Setup Software Patching/Updating
How many patches did Microsoft release for Windows XP? Thousands. How about
Windows Server 2003? Hundreds. What things need patching? Servers, desktops,
operating systems, browsers, MS Office, Dot Net Framework, Flash, Java, Adobe
Reader, and more. Why do you care? Because every major attack you have heard of
for years takes advantage of vulnerabilities that have already been patched (or should
have been). Ask NSI about how to automate your network patch management.

4. Setup Reliable Data Backups
Nearly everyone has heard of (or experienced) the hardships of getting tape backups
to work properly. So why do so many still use tape backup? Because it’s fast (LTO
is faster than USB hard drives or NAS), reliable (with the right equipment), and
cheap (a $50 tape holds 1000G of data). Finally, tapes can easily be stored locally in
a fire safe and go home with you for off-site storage as well. But tape is not the only
answer you need. Ask NSI about a data backup solution tailored to your needs.

5. Setup Local Disaster Recovery
Think that your data backup is all you need to recover from a loss or theft? What if
you had a theft that left you with no servers? Your data is safe on tape somewhere,
but what does it take to get back to work: New hardware first, then the installation
of your server, email/and or database servers, your backup software and then the
recovery from tape of your data. That’s two to five days without a network, after
you get hardware. What if you could do it one afternoon? How much could that
save you? Ask NSI about imaging and virtualized solutions for disaster recovery.

6. True Disaster Recovery (DR) Planning
Want to fall asleep every night knowing your data backup and disaster recovery
solutions are truly bulletproof? What if you had actually had a plan for a stolen
server, a damaged building or other disaster? Perhaps you had never considered
this all before. If so, let’s get you sleeping well again. Most of this planning is
strategic not technical, and not costly. Ask NSI about true DR planning and devices
for your business.

7. Setup Reliable Power Protection
Maybe you know that your UPS can support your servers for no more than about
half an hour during a power outage. Maybe you have wondered . . . what happens
then? And are all the really important pieces of your network protected from power
fluctuation, contamination and loss? Did you know that you can connect all of your
networking gear to one monitored device that can handle all your power needs?
Ask NSI about power backup and monitoring solutions for your business.

8. Educate and Train
No matter how diligently you protect the perimeter, maintain network antivirus and
software patching, plan and execute backups and DR planning, all it takes is one
piece of seriously bad judgment to bring it all down. Ask NSI about training your
staff in the basics of reliable and secure computing.

Net Sciences, Inc.
Since 1996, Net Sciences has been building reliable, secure networks for our New
Mexico customers. On networks of three to 300 computers, supporting law firms,
architects, engineers, scientists, accountants and nearly every other profession, Net
Sciences is the complete solution to your business network equation. Net Sciences
designs, builds and supports networks, keeping them running smoothly, and
protecting your data so that you can focus on taking care of business!

Introduction
What is the single most important component of your business network? Is it your
servers, desktops, laptops or phones? They are all important, and some are costly.
But if you stop to think about it, the only truly valuable “item” is your data.
Everything else can be replaced and if you are well insured, with no more cost than
the downtime and aggravation of putting it all back together. Data is not like that.
Data is precious, irreplaceable and as you will see, very hard to control.

1. Physical Theft
This is the simplest concept. We all understand theft. That is why we have locks,
security systems, cameras, insurance policies and more. These are all “physical”
issues and we can protect against them in various ways, from simply placing the
server in a locked room to using full-blown access control (card key or biometric)
systems. But what if, somehow, these are breached and you find one day that your
server is gone? Ask NSI about data encryption for your server and backups.

2. Physical Loss
This is another simple concept with serious ramifications. According to insurance
companies, nearly one million laptops are lost or stolen each year in the United
States. As incredible as that sounds, nearly 30 percent of cell phones are lost or
stolen each year, that’s tens of millions! Remember that phones nowadays are often
simply small computers that provide data and voice communications and, carry
your data. Ask NSI about remote wipe, encryption and other phone security issues.

3. Hacking (Outside Attacks)
This is also a well known, if not well understood, concept. Most of you know that
there lurks out there somewhere, millions of frustratingly skillful and determined
miscreants just itching for your data. Well, to be precise, not your data per se, but
someone’s personal information. While it is true that there are few targeted attacks
(true industrial espionage), it doesn’t take much targeting when you have the
numbers these guys have. Ask NSI about truly effective firewall solutions.

4. USB Keys & Portable Devices
Are you wondering about how things like Wikileaks happen? Think of what it takes
to move all that data out of a location clandestinely. Chances are it is easier than
you think. A single, cheap USB key (drive) can move 32 to 64G of data nowadays.
And what about iPods? Did you know they can transport even more than that?
USB hard drives – some can hold more than your server! Ask NSI about endpoint
control solutions to monitor USB and other ports on your network.

5. Its in the Email
Nearly all of us “live” in our email programs these days. Outlook is open all day
long on my desktop, and I rarely go half a day without using it for communications.
Of course, we are all very thoughtful about our email communications, never
inadvertently sending out sensitive information, attaching a sensitive document or
violating any other company policy or regulation in our constant use of our email.
Ask NSI about email security (antispam) and compliance services and devices.

6. Instant Messaging (IM)
What is faster than email and twice as hard to control? What can work just like
email but leave no traces behind (so much for your compliance issues)? Yes, it is the
miracle of instant messaging, whether it be AIM, ICQ, MSN Messenger, or Yahoo.
While IM can provide real productivity gains, it can bring danger and wasted time
to your office. Did you know that Microsoft offers a managed, reportable, business
grade IM solution? Ask NSI about controlling and tracking Instant Messaging.

7. Social Media
What can fritter away more time that YouTube and Solitaire combined? Yes, it is
Social Media (aka Facebook, LinkedIn, Twitter, etc.). There is simply no denying the
power and importance of these emerging technologies. Like IM above, these
technologies threaten both the security and productivity of your business, but very
few business can afford to forbid (or worse, ignore) their use. But monitoring and
tracking is key. Ask NSI about solutions for controlling and tracking Social Media.

8. Lack of Education
Finally, we have been assuming all along that the first response to each of these
issues is technological. But this is putting the cart before the horse. Data leaks from
many businesses simply because employees don’t know any better. The key here is
to put in place procedures, educate your employees and reinforce that training on a
regular basis. The very best security system in the world is of little use if the
employees leave the doors unlocked.

So put together a real security/data protection plan. Formulate simple acceptable
usage policies (AUPs) for your employees, and make sure they understand them
(and sign off on them). Train users not to fall for tricks like providing passwords
over the phone to strangers, or picking up stray USB keys in the parking lot and
putting them in their systems to “see what’s on them.” Security means vigilance.
Ask NSI about training your staff in security and data leakage prevention.

Net Sciences, Inc.
Since 1996, Net Sciences has been building reliable, secure networks for our New
Mexico customers. On networks of three to 300 computers, supporting law firms,
architects, engineers, scientists, accountants and nearly every other profession, Net
Sciences is the complete solution to your business network equation. Net Sciences
designs, builds and supports networks, keeping them running smoothly, and
protecting your data so that you can focus on taking care of business!