Here’s a question, how often do you check to see who has access to your network? How often do you make sure that people who aren’t supposed to be logging in don’t actually have access?
With the volume of digital information that forms part of most businesses it can be hard to do this. However, the secret comes down to keeping security as simple as possible. Complexity is always the enemy of security.
The first step is to review exactly who is supposed to have access and compare that with the accounts that the network knows about. If there are accounts for users who are no longer part of your organization, then they should be disabled and even better removed from the network. Good security practices dictate that users should only be using their own accounts and not sharing them with others.
Once you have cleaned up the list of network users then you need to build a list of exactly what people should have access to. What folders should each group be able to access? Should they be able to both read and write in those locations? A simple spreadsheet is probably the quickest and easiest method of capturing this information.
Once you have the list of what you want people to access then you can match the people to the resources. Best practice again dictates that you use groups to manage security rather than assigning users individual rights to resources. That way you can easily add users in and out of groups down the track without the need to revisit assigning security to resources.
Once you have all of this worked out then you can use the resources in your network to conduct regular auditing checks to ensure that there is no unexpected or unwarranted access. This should be conducted on a regular basis.
Remember, Correct Solutions is always here to help you with the security of your network. From designing it, to managing it to auditing it we can help so please don’t hesitate to contact us for assistance.