Aug 25, 2016 08:00AM
By MED Magazine
By Jerry Odom
When it comes to technology, do you ever wonder where the concept of “best” comes from when someone tells you that there is a “best practice” for their approach?
Does it come from years of industry-standard experience and successful implementations across a variety of clients, or does it come from an IT magazine or blog as the current catchphrase? The word “best” traditionally implies a mastery of a given subject. Given the vastness of information technology and the speed at which it evolves, the term “best” may be questionable.
Rarely is a “one-size-fits-all” approach actually right for all. It often results in many unforeseen challenges given the vast differences between organizations across the spectrum. What makes more sense is to look at the practices of companies that have successfully delivered IT solutions globally to every household name in the world.
One such example is the Microsoft Services Consulting division. Instead of trying to fit everyone into a box called “best practices”, they employ a series of recommended practices that are applied to many different environments or infrastructures. A recommendation to follow certain industry standards or guidelines offers flexibility and allows a repeatable process to be implemented across an organization to fulfill its needs.
Top of mind for most business and IT professionals is cybersecurity. For most, the puzzle of cybersecurity is overwhelming. But by following recommended practices, you can simplify the overall process.
Seven recommended practices that will yield great benefits toward improving your IT cybersecurity:
1. Standardize software operating system baselines for desktops and tablets, as well as security standards for mobile devices.
2. Implement end-user technology use agreements and network policies and procedures for your business.
3. Educate end-users on how to protect themselves from viruses, malware, and social engineering attacks.
4. Restrict access from the outside by configuring your firewall to block all nonessential inbound traffic, and tightly control any remote access.
5. Leverage technology to decrypt SSL traffic so that viruses, malware, and other undesirable content can be filtered before entering your network.
6. Deploy virus and malware protection on the client side as well as at the firewall.
7. Control the network infrastructure using 802.1X on all internal-use wireless networks.
A key point to understand is that the most secure networks are not the ones with the best IT staff. The most secure networks are the ones with solid processes in place that are run by smart IT staff. You can have the best IT staff in the world, but if they are not following a recommended practice that is repeatable, proven, and tested, then your infrastructure will fail.
These basic steps will go a long way toward making your cybersecurity as good as it can be. There is no such thing as a bulletproof network; however, all networks can improve their cybersecurity by implementing recommended practices. Mitigating risk and adapting to evolving threats is the name of the game.
Jerry Odom is a Solutions Architect at Golden West Technologies.