June 7, 2021

Best method of securing a completely unsecured network

It seems overwhelming to me thinking about what to do in this scenario. Where would you begin? Scans of the network, looking for vulnerabilities? How do you go about mitigating an issue without setting off something else like ransomware? Would you need to have a clean backup of the network if this is the case?

Comments

Cypher_Blue

You start with a system diagram so that you understand the ins and outs of how data moves and is stored on the network from an operational standpoint.

Then you do a risk assessment and start with the most serious things and work your way down.

Teddy141345

I would recommend a System Diagram with an inventory of what you have. If you don’t know what is out there you cannot plan for how to work with it.

If you continue to feel overwhelmed, then call a consulting company to jump in and help you out. Spending money up front vs. getting hacked, a company will take spending the money up front. The hard part is convincing them to spend the money. If it comes down to it, just go online and find some stats about the cost of doing things right vs. the cost after a hack; that usually changes minds quickly.

tweedge

u/Cypher_Blue is correct. Address your biggest risks first and work down from there. Though to add, here are what I *suspect* some of your biggest/earliest actions will be:

* Identify central resources (e.g. file servers, domain controller, etc.)
* Harden the hell out of the central resources. Make sure they’re backed up, access is locked down, updated, disinfected, monitored, etc.
* Begin controlling what can join the network – split off employee devices (e.g. workstations) from employee recreational devices (e.g. mobile phones) if possible and reasonable for your setup.
* Segment the network so that individual machines can no longer communicate with each other directly, only central resources and the internet (if a less-controlled network is available for mobile devices, these should not be able to see *any* central/sensitive resources).
* Get a security baseline for all devices that can connect to your central/important resources, and roll them under one device management umbrella.

Iterate and improve from there to fix the identified issues and implement controls where appropriate (e.g. getting everything updated, enforcing antimalware enablement, removing uTorrent from Dave in Accounting’s PC, etc.).
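
An added example, not part of the thread or any commenter's own code: one way to check the segmentation rule described above (workstations reach only central resources and the internet, the guest network sees no central resources) against flow records. The address plan, zone names, flow format and the rules for traffic initiated by central resources are assumptions made for this sketch, and the sample flows are constructed.

```python
import ipaddress

# Assumed address plan (constructed for this example).
ZONES = {
    "central": ipaddress.ip_network("10.0.10.0/24"),      # file servers, domain controller
    "workstation": ipaddress.ip_network("10.0.20.0/24"),  # managed employee devices
    "guest": ipaddress.ip_network("10.0.99.0/24"),        # phones, recreational devices
}

# Allowed (initiator zone, destination zone) pairs. The central-initiated
# pairs are an assumption; the thread only covers workstation and guest traffic.
ALLOWED = {
    ("workstation", "central"), ("workstation", "internet"),
    ("guest", "internet"),
    ("central", "central"), ("central", "internet"),
}

# Constructed flow records: source, destination, destination port.
SAMPLE_FLOWS = """\
10.0.20.15,10.0.10.5,445
10.0.20.15,10.0.20.22,3389
10.0.99.40,10.0.10.5,445
10.0.99.40,8.8.8.8,53
10.0.20.22,1.1.1.1,443
192.168.5.7,10.0.10.5,88
"""

def zone_of(addr):
    """Map an address to a zone; private space outside the plan is 'unknown'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    # An internal address missing from the plan points to an inventory gap.
    return "unknown" if ip.is_private else "internet"

def violations(flow_text):
    """Return (src, dst, port, 'zone->zone') for every flow the policy forbids."""
    found = []
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        src, dst, port = (field.strip() for field in line.split(","))
        pair = (zone_of(src), zone_of(dst))
        if pair not in ALLOWED:
            found.append((src, dst, int(port), f"{pair[0]}->{pair[1]}"))
    return found

if __name__ == "__main__":
    for src, dst, port, reason in violations(SAMPLE_FLOWS):
        print(f"VIOLATION {reason}: {src} -> {dst}:{port}")
```

Run against real flow exports before enforcing the rules in firewalls or VLAN ACLs, so that legitimate traffic the policy would break shows up as a finding first.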
