Regularly test the network to find and fixsecurityweaknesses and investigate any problems.
Use passwords to prevent unauthorisedpeople from accessing the network.
Enforce useraccesslevels to limit the number of people with access to sensitiveinformation.
Install anti-malware and firewallsoftware to prevent and destroymalicioussoftwareattacks.
Encrypt sensitivedata.
Penetration Testing
Penetration testing is when organisationsemployspecialists to simulatepotentialattacks on their network. It is used to identifypossibleweaknesses in a network's security by trying to exploit them. The results of the test are then reported back.
Physical Security
Physical security protects the physicalparts of a network from either intentional or unintentionaldamage (e.g. fire, flooding, theft, vandalism, etc).
Physical security can involve many different things, for example:
Locks and passcodes to restrictaccess to certainareas, e.g. server rooms.
Surveillanceequipment, e.g. cameras or motion sensors to deter intruders.
Passwords
Passwords help preventunauthorisedusersaccessing the network. They should be strong - they should be manycharacters long, use a combination of letters,numbers and symbols - and be changedregularly.
User Access Levels
User access levels control which parts of the networkdifferentgroups of users can access.
E.g. business managers are likely to have a higher access level allowing them to access moresensitivedata, like pay information. They may also have write access to files that others can only read and the ability to change employees' accesslevels.
User access levels help limit the number of people with access to importantdata, so help prevent insider attacks on the network.
Anti-Malware Software
Anti-malware software is designed to find and stopmalware from damaging a network and the devices on it. There are lots of different types of anti-malware software, including antivirus programs which isolate and destroy computer viruses. Companies also use firewalls to blockunauthorisedaccess.Firewalls examine all data entering and leaving the network and block any potentialthreats.
Encryption
Encryption is when data is translated into a code which only someone with the correctkey can access, meaning unauthorised users cannot read it.
Encrypted text is called ciphertext, while non-encrypted data is called plaintext.
Encryption is essential for sending data over a networksecurely.