It’s that time of year when network admins in many parts of the world are looking forward to spending more time with family and friends and less time in front of their management consoles.

Unfortunately, this is also a peak period for cyberattacks. To help ensure your network is optimally secure over the holidays, here are a few quick and easy best practices you can utilize.

For a full list of best practices to secure your network from ransomware and other attacks be sure to download our whitepaper on this topic.

Update firmware and shut down unnecessary systems

Make sure that before you depart for the holidays, all your network infrastructure has been updated with the latest firmware and any unnecessary infrastructure is shut down and offline.

Any system exposed to the Internet either directly or indirectly (via NAT) represents a potential vulnerability and risk. Eliminate as much of that attack surface as possible by taking it offline, and update and lock down the rest.

Firmware updates often contain important security patches for known vulnerabilities or hardening enhancements that can improve your security posture. If you’re a Sophos Firewall customer, make sure you’re running the latest firmware update for your device and consider enrolling in the early access program for Sophos Firewall v22, which includes many new security hardening features and a new Health Check feature to ensure your firewall is configured optimally.

If you have other internet facing infrastructure like a VPN concentrator or WAF, make sure these systems are also up to date or shut down.

Check your configuration against best practices

Double check that all access controls, portals, NAT rules, networked apps, IoT devices, and administration systems are either disabled or locked down.

As mentioned above, if you’re a Sophos Firewall customer, consider upgrading now to the v22 early access program to take advantage of all the new security hardening capabilities and the new firewall Health Check feature that will assess your configuration against best practices to highlight any risky areas.

Ensure all systems use strong authentication with MFA

Make sure all admin consoles and remote access systems are either shut down or protected against brute force attacks or stolen credentials with multi-factor authentication.

As you would expect, Sophos Central, Sophos Firewall, ZTNA, and our full line of network security solutions leverage MFA to help protect your systems from unauthorized logins. Sophos Firewall v22 also includes new MFA support for the Web Application Firewall – one of the many top requested features in this release.

At any rate, make sure MFA is enabled for all your systems.

If you’re attacked, we can help

If you experience an emergency incident over the holidays (or any time), you can engage our fixed-fee Sophos Rapid Response service. Our team of expert incident responders will help you triage, contain, and eliminate active threats, and remove all traces of the attackers from your network.

Whether it’s an infection, compromise, or unauthorized access attempting to circumvent your security controls, we’ve seen and stopped it all. Sophos Rapid Response is available 24/7/365, including over the holiday period.

Source: Sophos