TIPS TO SECURE YOUR NETWORK
1) DESIGNATE YOUR IT PERSON
You need one person who knows how to secure your network, whether
s/he is the only one who knows what packet inspection means or you
already budgeted for your IT person.
2) WRITE UP A SECURITY POLICY FOR YOUR NETWORK
This policy has to state clearly what your employees may and may
not share with the rest of the world. This should cover what they may
download and how their business email address will look like, as well
as whether you have a VPN for them to access company data from
3) BUY A FIREWALL THAT IS SET UP TO INSPECT PACKETS
if you don't know what that means, then ask your designated IT person.
Block P2P unless your company is a P2P service, All IMs like AIM, LiveChat,
YahooChat, etc. need to be blocked, too. Social media that is to be blocked or be
usually benign: Twitter, GooglePlus (replace Internet Explorer with Chrome)
4) AUTOMATE A NIGHTLY VIRUS SCAN OF ALL COMPUTERS ON YOUR
This means worker's network access should be scheduled for 6AM to
10 PM. Set the scan on all the computers to 1AM. The antivirus software should be
able to report to the network server and store the results for each computer.
5) AUTOMATE BACKUPS FOR WEEKLY BACKUPS.
Backup to tape drives, and use the software that comes with it to
do a backup of the file server. Schedule this for 2AM to back
up in increments to the tape drive.
6) PREPARE FOR POWER OUTAGES
That means a UPS for the file server (200 W), and a UPS for every five
workstation (500 W) or ten (1 kW) assuming each workstation and monitor consumes
100 Watts. YMMV
7) IF MOST OF YOUR STAFF KNOW HOW TO USE A BROWSER AND OFFICE SOFTWARE, THEN
IT IS EASY TO UPGRADE TO LINUX
Consider Fedora 17. IF you buy a license for it, you get free support.
SELinux and Open