How to secure v.small network?

Mark M

Mark M

Mark M

Soldato
Joined
6 Jan 2006
Posts
3,407
Location
Newcastle upon Tyne
Wasn't sure if this would have been better in the Windows sub forum but thought the collective minds here may be more suited to a business solution...

I have a very small network, 4 computers, NAS drive and a network printer which are all hard wired to a small switch which is connected to a Draytek Vigor 2920n.

Ive just had Microsoft Security Essentials pick up a trojan on one of the computers that the apprentice uses which I can only presume has come from a Facebook or Twitter link or similar.

Weve only ever had one problem in the past which was actually on my computer(!) but Im wondering if there is some things I should be looking at to help safeguard the network. I appreciate its all down to the user but short of blocking facebook etc is there anything else to consider? To be fair, blocking Facebook wouldnt be an issue but I dont mind them using it on their lunch.
 
Honestly, for that size network I'd just ensure that:

- You have a good security suite installed and up to date on each PC (Mcaffe, Kaspersky etc.) with AV, Firewall, HIPS etc.
- Unless you have a requirement, ensure users are not local admins and run with UAC
- Take regular backups of your data and store it off site
- Educate your users: Tell them that you can get malicious tools installed from FB, torrents, downloads etc. This is the most important bit and will win most of your battles through 'training'

4 people is small enough to just manage in this manner, I don't think you need to over-complicate it

- GP
 
Remove local admin rights where possible from users, though some crummy 3rd party software will ask for admin rights (grrr).

You could also look at using a tool like CryptoPrevent to lock down programs running from AppData.
 
Thanks for the responses, Ive had a look at Kasperky and they offer a small business solution for upto 5 pcs and 1 server here which looks like it will do the job or is there something better? We dont have a server, just a NAS so will this wrk fine without the server?

Unfortunately I cant remove local admin rights as some of our software wont load when you do this.

Will look at CyptoPrevent now as Ive never heard of it
 
CryptoPrevent is a useful little tool. It helps to stop ransomware viruses like Cryptolocker. As far as backups go, make sure they're offsite (even if it's just a bunch of external HDDs). Somebody somehow managed to infect one of our file servers with a Crypto Locker copycat last year. The offsite backup was the only way to restore the affected files.
 
You must log in or register to reply here.
Back
Top Bottom