Network security best practices for the holidays

Credit to Author: Chris McCormack| Date: Tue, 10 Dec 2024 20:19:47 +0000

It’s that time of year when people in many parts of the world are looking forward to spending time with family and friends and taking a bit of a break.

Unfortunately, this time of year also sees a surge in cyber threats, as bad actors like to exploit the reduction in network monitoring over the holidays. Ransomware attacks, as an example, often spike significantly during this time.

To help you navigate this period safely, here are a few quick and easy best practices to better protect your network while you take some well-deserved time off.

For a full list of best practices to secure your network from ransomware and other attacks be sure to download our white paper on this topic.

1. Update your network infrastructure

Make sure that before you depart for the holidays, all your network infrastructure has been updated with the latest firmware. These updates often contain important security patches for known vulnerabilities or hardening enhancements.

If you’re a Sophos Firewall customer, make sure all your firewalls are updated to v21.

If you’re one of our customers still using soon to be end of life XG Series appliances, get an order in for your new XGS Series before you depart. Upgrading is easy and there are tremendous savings to be had – and if you upgrade early, you can overlap your licenses.

There’s also a new backup/restore assistant that makes upgrading to your new XGS Series appliance easy with full port-mapping options. And we just released a new line of desktop XGS Series models with new levels of performance and efficiency.

If you have other internet facing infrastructure like a VPN concentrator or WAF, make sure it’s also up to date.

2. Shut down any non-essential systems over the holidays

Any system that’s exposed to the internet is an attractive target for attackers looking to get a foothold on your network. If you have systems exposed to the internet, particularly via RDP or VNC, disable these systems over the holidays.

As you plan for the new year, explore implementing Zero Trust Network Access (ZTNA) to provide robust, next-generation protection for these systems and fortify your security posture. ZTNA will enable secure access only for specific authenticated users and will otherwise make your networked applications and systems invisible to attack.

If you don’t have ZTNA and you still need to access any systems remotely over the holidays, be sure to only allow access from the LAN and use remote access VPN – disable any port forwarding or NAT rules on your firewall. This also applies to any user portals that you may have provisioned – at least temporarily disable them over the holidays.

3. Ensure authentication is secured with MFA

Attackers often use brute force login attempts to exploit weak credentials, especially during the holidays.  Make sure all systems on your network are properly protected with strong passwords and multi-factor authentication (MFA). These measures significantly reduce the risk of unauthorized access and keep your network secure.

Sophos has products and services that can help

As you would expect, Sophos Firewall and our full line of network security solutions are secure by design as we take your organization’s network security extremely seriously.

Our network security products seamlessly integrate with our full suite of cybersecurity products and services – including our 24/7 Managed Detection and Response service designed to provide you with unmatched protection and peace of mind—especially during the holiday season.

Under attack? Contact us in an emergency

If you experience an emergency incident over the holidays (or any time), you can engage our fixed-fee Sophos Rapid Response service. Our team of expert incident responders will help you triage, contain, and eliminate active threats, and remove all traces of the attackers from your network.

Whether it is an infection, compromise, or unauthorized access attempting to circumvent your security controls, we’ve seen and stopped it all. Sophos Rapid Response is available 24/7/365, including over the holiday period.

Get the full set of network security best practices to secure your network

For a full list of best practices to secure your network from ransomware and other attacks be sure to download our white paper on this topic.

 

http://feeds.feedburner.com/sophos/dgdY