Cybersecurity Checklist Part 5 – Securing Groups, Assigning Permissions, and Web Monitoring
In this week’s blog, we focus on how you can designate access for groups and users within your networks.
Network Segmentation – Network segmentation allows your network to be logically or physically organized by device type, purpose, or security requirements. This can improve performance and allow network traffic to more sensitive areas to be shaped, monitored, and controlled.
Permissions Configuration – After networks are segmented, NTFS permissions should be set for shares and files based on the security groups previously established. Ensure the correct permissions are set and secured appropriately for each group. Best practice is to conduct a regular audit of each group to ensure the proper resources are members.
Logical Security Policies – Logical security implemented by software such as Active Directory safeguards networks to ensure users can only access specific allowed resources and information within the network or perform specific actions at a workstation. Each user is assigned a user ID and password to authenticate their network access. Privileges and authority levels are assigned based on the user’s role to ensure that only specific users can perform authorized actions.
Web Control and Monitoring – Do you know what your employees are accessing on a day-to-day basis? Using a web monitoring service can help you monitor the traffic that goes in and out of your network. Consider a service that allows you to assign access to individual users, such as Cisco Umbrella. For example, you may not want all your employees to have access to social media, but your Marketing team may need it as part of their business strategy. Umbrella allows you to create allow and block lists for specific domains so the appropriate people can access specific sites. Controlling the traffic within your network will help minimize the risk for a cyberattack.
Segmenting your network and the security levels of your users is vital to protecting your environment. For more information on how we can help you improve your network security, contact us today.