To develop a good security system and prevention of attacks on a network, as a first step could be said that the implementation of a good troubleshooting, is the beginning of good practice for detecting network problems, so we can say it is important to ask the following questions to implement these best practices;
What are the vulnerabilities in the information assets of the organization?
How can you be engaging information assets with respect to confidentiality, reliability and business continuity?
Do detected vulnerabilities could cause damage to the image of the organization?
An external attacker can exploit vulnerabilities in the organization?
What are the security controls defined and implemented so far?
What is the effectiveness of the controls defined?
The goal is to identify gaps in existing security in an organization, and develop appropriate measures to ensure a level of network security, through:
Identify the difference in the organization with respect to controls, policies and processes security best practices and standards.
Evaluate existing security controls in the IT infrastructure.
Review the security organization, their roles, responsibilities and structure.
Develop Remediation Plan to reduce exposure to security risks.
Learn about existing vulnerabilities in the IT infrastructure.
Provide reliable information for making appropriate decisions.
Action Plan, designed to implement security controls with the priorities, strategies and objectives of the company.
Correction vulnerabilities found mitigating the impact upon the occurrence of events.
According to (Susan Kennedy), Network Technology is dramatically changing the computer world, creating significant business opportunities, as well as increased security risks. One such technology, networks, also known LAN, these increasing in popularity and institutional consumers, mainly due to its excellent use of data exchange. (Kennedy, 2014). For this reason, the following steps provide a guideline for a good practice to identify potential problems, and preventing that networks are damaged or infected by a virus or a hacker attack, can have a better safe environment, and a better understanding of networks and their operation
1: insufficient Policies, Training and Awareness; The development of policies or unreliable with many windows, where flight data is very easy, fault or neglect of proper update, little to no monitoring of networks, ineffective policy to not monitor users properly, and little awareness of unethical users.
Access restrictions; Recommend the use of a closed network and a hierarchy of good configuration protocol and limited in terms of levels of users in open access networks, this includes encryption and VPN tunneling.
3: Malicious access points; Implement studies to identify malicious access points, having a plan to limit access