Today, in the final installment of our Security Spring Clean series, we encourage you to be bold.
We are going to guess, and we think we will be right, that somewhere in the back corner of your server room there’s a box that has been plugged into the switch since no one knows when. Another thing that no one knows: what that box actually does.
So, here’s where you need to be bold, intrepid admin. Dive in. Figure out what the box does and then yank the power cable if you don’t need it anymore. That’s the first step in the spring clean your network probably needs … What else should you do for your network? Read on.
Take inventory of your equipment
You’re already doing the research to figure out what that mystery box does, so, while you’re looking at the network diagram, take a few minutes to do a physical inventory of your equipment. Anything missing? Anything need replacing?
You have to know what you own. You have to know how old the equipment is and when it needs to be replaced? And speaking of replaced, does anything need to be swapped out now? Be proactive about making sure that your critical systems are kept up to date. Better to do it now than when you are forced to do it in a crisis. You’ll save money, time, and resources in the long run.
Take inventory of your software
And while you’re in audit mode, look at your software too. It’s important to know what’s on your system for purposes of license renewals, policy decisions, and network security concerns. The more software you’ve got on a machine, the more potential for exploitable vulnerabilities.
Do a companywide audit of your patches
Chances are you’re already on top of regularly patching your systems, but an annual check to make sure nothing has been missed is a precaution worth taking. This is especially true if you have a lot of transient assets (and we know you do) — laptops, tablets and phones that move in and out of the network. It’s too easy for those to get left in a bag or a pocket and a critical update be missed, leaving either the device operating inefficiently or, more important, the network vulnerable when it didn’t need to be.
Is it time to outsource?
This list isn’t long, but that doesn’t mean it’s easy either. Audits like the kind we are talking about here are time consuming. For IT departments that consist of one or two people, being able to set aside time to do this kind of necessary work is tough. For some, it’s impossible. If that’s the case, have you considered outsourcing some or all of your network management?
There are definitely some network devices that you can have managed remotely. We can think of at least one security device. There are also some Software as a Service solutions you might want to consider. Your people could be operating with the latest versions of, let’s say, their accounting software of choice and you aren’t having to manage licensing or updates.
Granted, budgeting can be in issue when it comes to outsourcing, but it’s always something worth considering.