Network security has become increasingly important, and not just because more and more users, devices and machines are connecting to the network. The network itself is also becoming more and more complex: there’s wifi, there’s the cabled network, VPN, guest network… And on top of that, there are new threats that are becoming more and more sophisticated. Combine these three factors and you have a highly combustible situation.

So where do you start? How do you keep everything in check? In the field, we see very different approaches. Some organisations are tempted to invest in the big guns first. They get a SIEM (Security Information and Event Management) or SOAR (Security Orchestration, Automation, and Response) solution and convince themselves they have it covered. Or it’s the other way around: they cross their fingers and try their luck without any costly technology.

The inconvenient truth about network security

When it comes to network security, it’s just hard to determine how much is enough. That’s why this is not a blog about “Barely affordable high-end security solutions”, nor about “ten tips to fix your access policy without breaking the bank”. Instead, it makes more sense to take a look at some measures that have a big impact, but are often overlooked. These tips will help you bring more consistency, more control and more insight into your network security.

5 things that are often overlooked when securing a network

1. Don’t neglect internal security

   Not all threats come from outside of your organisation. When we think of network security, we are often tempted to get stuck on hackers and cybercriminals, when the largest threat is often your own users and devices (BYOD, IoT). Having Network Access Control (NAC) will help you gain a firm grip of who and what is connected to your network.

2. Take a PEN-test

   It’s a buzz-word in network security, and they come in all shapes and sizes, but taking a PEN-test will expose your vulnerabilities and help you prioritize. Diving in without knowing where you should start makes no sense at all. So make sure to define the scope of the test, the goal and the approach. And last but not least: make sure you follow up the PEN-test with concrete actions.

3. Get two firewalls, preferably from two vendors

   Establish a Demilitarized Zone (DMZ). This is a zone in between your front end (web-applications, apps, mail…) and your back-end (your sensitive data). This zone is fenced off at either end by a firewall and serves as an airlock where you can analyse traffic, without running the risk of cross-contamination. Also consider getting a different firewall at each end, as this narrows down the margin for error.

4. Do not underestimate the human factor

   It’s the most common piece of advice you’ll hear, but it’s true nonetheless. Network security is always handled by IT, and that means it’s easy to get caught up in technology and forget about the humans that use it (and that mess up). There are tons of good tests and programs that can help you raise awareness, but the most important thing is not to focus on end-users alone, but focus on network admins and IT-operations as well. Training, best practices and education are equally important here.

5. Above all things, aim for consistency

   Network security has become more complex. The network itself is often a patchwork of solutions that has grown organically over the years. And so is network security. So when you’re thinking of ramping up your efforts, the most important thing is to achieve consistency. You want the same policies enforced for the same users and devices across all of your networks. And that means you need centralized management, insight ànd technology that works in a multivendor environment.