Over the years, the Bring Your Own Device (BYOD) policy has become an accepted norm in organizations across the globe. Employees are continuously using their smartphones to access company’s network, download important files and share sensitive data for collaborative projects. However, a number or organizations are still looking for ways to implement a strong BYOD policy, which increases employee productivity and eliminates any potential security risks.

Tips for implementing BYOD in your organization:

Specify Which Devices Are Permitted

Firstly, you need to set clear policies regarding the devices that are allowed to be used for work. Depending upon the network settings and security measures, you should decide the devices that will be supported. For instance, most organizations permit the use of only iOS devices due to their advanced security software and privacy-enhancing features.

Establish Strict Security Policies

Before allowing the employees to bring their own device, make sure you mandate a strong password policy. Ask the employees to lock their device using complex log in credentials and change it at frequent intervals. This will prevent unauthorized access to the official accounts and sensitive information, even if the device is lost or stolen. You can also require two-factor authentication for employees who access company’s financial details or client information on their mobile device.

Install Mobile Security Software

You cannot have complete control over the type of information an employee accesses through his smartphone. Malicious file downloads and spam websites can install malware on the device which may jeopardize the security of files stored in it. Therefore, you should make it mandatory for them to install an anti-virus software and run frequent scans to detect as well as remove any potentially dangerous application. You can even choose a security software that offers additional features, such as device tracking and remote wipe.

Decide The Apps That Will Be Allowed

This applies to all the devices that connect to the corporate network, be it your organization’s computer system or the employee’s personal smartphone. You should restrict the use of social networking applications, games, remote desktop access, VPN and other software that may pose a threat to the company. You can also block downloading of applications from third party sources.

For more tips on successfully implementing BYOD policy in your organization, feel free to contact Centex Technologies at (972) 375 – 9654.

Ransomware is undoubtedly one of the most harmful types of virus attacks for any corporate network. When a computer system is infected with the malware, it locks down all the files stored on the local hard disc, demanding a certain amount of ransom from the victim to get access to the data. Over the last few years, ransomware attacks have increased and have become a lot more targeted. Therefore, you need to stay proactive and protect your network from getting infected with this malware.

Here are some steps you need to take to ensure that your network is ransomware proof:

Perform Regular Backups

Though this is the most basic defense against ransomware, performing regular backups goes a long way in minimizing the consequences you have to face in the event of an attack. Create and implement a policy that requires the employees to backup their files at frequent intervals. When you have a copy of the files, your business activities would not be hampered due to a ransomware attack.

Disable Remote Access

In most cases, ransomware exploits the vulnerabilities in the computer systems or mobile devices used to access your network remotely. Though remote access allows employees to work from anywhere, it also increases the chances of a hacker being able to infiltrate the corporate network. Therefore, you should disable remote access, particularly on the systems where it is absolutely not required.

Deploy A Firewall

Install a reliable firewall software to prevent ransomware from getting access to your network. When you have set the rules on what type of content can or cannot be accessed on a computer system, you can significantly limit your network’s attack surface. It will also scan all the file downloads in real time and block the ones that potentially contain a malicious code.

Setup correct file and folder level permissions

Just like a firewall software protects you from external attacks, setting up file and folder permissions is important to secure your network internally. Make sure that the employees have access to only those files which they need to perform their tasks. For instance, marketing employees should not be able to view, modify or share the HR department folder. This will not only provide protection from ransomware, but lead to a more secure network environment on the whole.

For more information on ransomware and how you can safeguard your corporate network, feel free to contact Centex Technologies at (972) 375 – 9654.

View Full Image

Continuous network monitoring is one of the core elements of maintaining a secure and efficient IT infrastructure within an organization. As network systems have evolved over the past few years, it is essential to manage the configuration of all the network devices, servers and services to ensure timely detection as well as removal of the potential threats.

Given below are some of the tips for implementing a successful network monitoring strategy:

Note the baseline network performance

In order to identify any problems in the network infrastructure, it is important that you have an idea about its normal performance. Documenting network functionality over a period of time can help you to set accurate thresholds and receive alerts when the network is not performing up to the mark. Base-lining also facilitates proactive troubleshooting and prevention of downtime before it causes problems to the users.

Inventory management

You need to have an in-depth understanding of the IP devices, routers, switches and servers that make up your network. Make a detailed inventory of all the items you need to manage and add them in your network monitoring software. Categorize all devices on the basis of usage, vendor, location, data center and other parameters. Create a map and form connections between the system so that it represents your network architecture. This will give you a visual idea about how the inventory should be maintained.  

Monitor and report at every level

Every element in diverse corporate network operates on a separate layer to contribute to its overall functionality. In the event of a system failure, it is critical to identify the layer at which the data connection has been interrupted. Therefore, your network monitoring system should focus on observing and reporting problems at all layers. This will make it easy for you to detect if the issue has been caused due to malfunctioning of hardware, router, bandwidth or any other component.

Prepare for network expansion

With the expansion of your organization, your network also needs to evolve and incorporate new technological upgrades. This, in turn, will also increase the number of devices, network bandwidth and storage space required. Therefore, make sure you choose a scalable monitoring system that allows you to include more devices and interfaces as and when they are added to the network.

We, at Centex Technologies, provide comprehensive network security solutions to the business firms in Dallas, TX. For more information, you can call us at (972) 375 – 9654.

Penetration testing is an important step while evaluating the security of a corporate network. It involves simulating a hacking attack on the network with an aim to breach its security and gain access to the confidential data. This helps IT professionals to determine the potential vulnerabilities that can be exploited by the hackers and how they can be fixed. However, carrying out an efficient penetration testing requires a lot of research and in-depth technical knowledge.

Given below are some steps that need to be followed for successful penetration testing:

Perform A Thorough Analysis

Firstly, you should have a clear idea about all the physical and intellectual assets of your company that you want to protect. Assess your network inside-out to determine the elements that are more susceptible to an attack and can severely hamper the functioning of your organization. Also, review your security policies to ensure that the penetration testing team is not able to get into the network.

Conduct A Pilot Study

Before initiating the penetration testing process, consider performing a pilot study on a small portion of the organization’s resources. This will help to identify the type of problems being faced and if any additional training or knowledge is required to deal with them. A pilot study will also allow the team to plan and structure the large scale penetration testing.

Choose A Penetration Testing Method

The next step is to select the most suitable method for conducting the penetration testing. Typically, you can choose from black box or white box tests. The former one involves initiating the attack without any prior knowledge of the company’s security systems and unpatched vulnerabilities. In a white box test, on the other hand, the tester has access to the sensitive information, such as network diagrams, IP addresses, source code etc.

Determine Who Will Perform The Test

This involves creating a strategy for the test. Determine who will perform the penetration test, an in-house team or an outsourced one. If the test involves the use of social engineering techniques, decide on the type of email that will be formulated and which employees will be the targeted. Create an information security incident response team who will stay updated with the penetration testing and ensure objectivity of the results.

For more tips on conducting successful penetration testing, you can contact Centex Technologies at (972) 375 – 9654.

View Full Image

Choosing the right storage solution for your company’s data can sometimes be a complex decision. It is important that you gain a deep insight into all the options available to determine the one that will be most suitable for your virtual environment. The technology will depend upon the following factors:

• The type of data you want to store
• Your budget
• Usage pattern
• Scaling concerns

Discussed below are the two main types of data storage, Network Attached Storage and Storage Area Network.

Network Attached Storage (NAS)

NAS involves the use of TCP/IP protocol, such as Ethernet, to connect to the network. An external device is attached to the web servers through a LAN or WAN. NAS devices usually run on a built-in operating system and management interface. Employees can easily access the files stored on the NAS just as they are on a local hard disc.

Benefits

• Installation of NAS devices is very easy and does not require much time. In case you are in an urgent need for additional storage, NAS is your best option.
• As file serving and storage is not handled by the web server, it reduces downtime to a great extent.
• The NAS system is quite flexible and can work efficiently in organizations that work with different operating systems.
• The low capital investment makes it a good choice for small to medium sized businesses.

Limitations

• The scope of NAS devices is limited. They are only suitable for sharing files over the network.
• The performance of NAS devices depends a lot on the network quality. Therefore, you need to get extended bandwidth while deploying a NAS solution.

Storage Area Network (SAN)

SAN is a more complex technology that connects to the network through a fiber channel or SCSI (Small Computer System Interface) protocol. The files are managed centrally and can be shared between multiple computer systems.

Benefits

• SAN offers a high level of scalability. You can add as many storage drives you need to keep your data secure.
• It is a suitable option if you require reliable storage solution to handle large volumes of data.
• SAN system allows multiples users to access the files seamlessly, without any slowdown or downtime.

Limitations

• The requirement of specialized equipment increases the upfront cost of installing a SAN system.
• There is an increased risk of data corruption if several host machines connect to the same SAN device.

For more tips on choosing the right network storage solution for your organization, feel free to contact Centex Technologies at (972) 375 – 9654.

View Full Image

Maintaining a secure network infrastructure is one of the major challenges faced by IT security professionals. All the hardware and software components are critical for seamless connectivity, communication, operations and management of the network. However, the rise of Bring Your Own Device (BYOD) culture and cloud computing resources has made it even more important to protect your company’s information as well as assets.

Given below are some of the tips that can help to secure your network infrastructure:

Understand your network design

First and foremost, you need to understand how the network infrastructure at your organization functions. Gain knowledge about the devices that are connected to the network and the points through which data is transmitted between them. 

Review all the applications

The applications and programs installed on your organization’s computer systems can provide a backdoor for the hackers to gain unauthorized access. Undetected malware, viruses and Trojans can make the entire corporate network vulnerable to various hacking attacks. Hence, it is essential to constantly review all your applications and software programs to ensure that they are completely secured.

Build a security culture

Provide proper IT security training to your employees and set clear guidelines regarding safe usage of the infrastructure. Make them familiar with the common online threats and what should be done to stay protected. This will create a strong security culture and help employees understand their responsibilities towards protecting the company’s resources.

Use secure socket layer

A secure socket layer (SSL) can add a layer of protection to your network infrastructure. It encrypts all the information while it is being transmitted between a user and the web browser. This ensures that the information being shared within your corporate network is not read, manipulated or used by any unauthorized individual.

Avoid adding complexity to your network infrastructure

Unless it is absolutely necessary for the optimal functioning of your organization, do not complicate your network infrastructure. Adding superfluous devices, servers, wireless endpoints etc. increases the chances of your network getting compromised. In case you need to add a network service, ensure that it is properly secured. This, way, even in the event of a breach, the functioning of your entire network will not be jeopardized. 

For more tips on securing your network infrastructure, feel free to contact Centex Technologies at (972) 375 – 9654.

Software as a Service (SaaS) cloud storage solutions have offered numerous benefits for the business owners. By simplifying access to technological resources, reducing delivery times to clients and giving employees the freedom to work from anywhere, cloud applications play a major role in increasing business productivity. However, with all critical information stored off-premise, data loss remains a constant concern.

Here are some of the common causes of SaaS data loss:

• User Deletion: This is one of the biggest reasons of data loss in the cloud. The registered users may accidentally overwrite a shared file or delete a scrapped document, just to realize later that the data was important.
• Phishing And Hacking Attacks: Cyber criminals may launch a hacking or phishing attack to gain unauthorized access to data stored in the cloud. By tricking the users to click on a spam link or download a file, the hackers may be successful in stealing their cloud login credentials and manipulating the data stored therein.
• Data Corruption: At times, the data center of the SaaS cloud provider may be unable to retrieve the stored data. Without proper backup solution, important information may become inaccessible or corrupted.
• Third Party Applications: Using a third party application can put SaaS data at risk. These apps may contain viruses that overwrite or delete the information stored in the cloud. There are higher chances of data loss if emails, documents, contacts etc. are stored in multiple devices.
• Closed Accounts: Considering the employee turnover in a company, the SaaS accounts may also be closed or deleted. This may lead to the loss of important data stored by the former employee.

Tips To Prevent SaaS Data Loss

• Identify Important Information: Firstly, you need to identify the sensitive information stored on all the computers connected to the cloud. The data may include client names, personal details of employees, salary information, credit card information, social security numbers etc.
• Prevent Document Sharing: You should implement strict policies that prevent accidental or intentional sharing of files outside the organization. Restrict access to the sensitive information and block file transmission to email addresses that do not have your company’s domain.
• Backup Your Data: There are many cloud backup applications that allow you to store a secure and easily retrievable copy of your data. The information is stored in an encrypted form and can be accessed only by the authorized users.

For more tips on preventing SaaS data loss, you can contact Centex Technologies at (972) 375 – 9654.