Spring cleaning in the IT network
Spring is the best time for a major cleaning. Administrators should take this opportunity to review the corporate network and processes. This increases IT security.
G Data explains what IT managers should tackle during the major cleaning and has compiled a "cleaning list to significantly increase security in the company.
Windows Active Directory domain control: Often, user accounts still exist even though the employees belonging to them have long since left the company. Forgotten user accounts are a prime gateway, but one that can be easily closed. If deleting a user account is not possible for some reason, then the account should at least be made inactive. Since it is generally not advisable to delete company information, accounts of departed employees should definitely be deactivated and moved to an appropriate organizational unit.
Capacity control: Do the hard disks still have enough storage space for the data growth in 2018? Network monitoring can provide information here. The module continuously keeps an eye on the infrastructure and informs administrators if the storage space is too low.
Network utilization: Network monitoring can also help check network activity to look for indicators of compromise. This can be, for example, potentially malicious software that establishes a connection to the outside world.
Backup set up and test: Is a backup set up? Have things perhaps been added in 2017 that are not yet backed up? Do the existing backups work at all? A successful practical test can provide information here and ensure less stress in the event of an emergency.
Update clients: A look at the software inventory can also be worthwhile. A patch management system provides an overview of installed programs and their versions - without having to install additional modules. On the one hand, this gives administrators an overview, and on the other hand, they can use it to derive steps that improve security - such as distributing patches through an additional module and restricting or removing problematic software. Modules that can be integrated into an existing security solution are recommended here.
Check user rights: Not all users on the network need access to all areas. Otherwise, unintentional changes can jeopardize network security, malware can be executed that can perform harmful activities with the far-reaching user rights, or credentials can be stolen and misused. Clear and understandable policies are important for an enterprise network. This is where policy management can help.
Disable USB ports: Many USB devices are automatically detected and set up as drives. To date, many users are not aware that even trusted devices can introduce potential malware into the corporate network. Therefore, IT managers should weigh up where USB ports should be enabled and where it is better to disable them.
IT security training for the workforce: Cyber attacks can quickly be successful if employees, out of ignorance, take unnecessary risks when working with a PC or mobile device and, for example, trigger a malware infection by clicking on a link in a spam mail. IT managers should therefore conduct regular training sessions and thus also raise awareness of current cyber dangers.