More and more remote users and mobile users are required to access programs and network resources through the process. Therefore, management of such users brings security challenges. This connection has an impact on network protection and brings financial risks to enterprises. If the network is affected by the next generation of red code or Nimda virus, what kind of losses will it suffer. The following 10 rules are effective for effectively managing the security of mobile users:
1. Scanning: users who access the Internet through broadband (DSL, home Cable, or WLAN) may be scanned. The packet filtering PC firewall can reduce this risk, it can be used in combination with existing network security tools.
2. worms and viruses: anti-virus software cannot be abused. For static desktop users, installing email detection is sufficient. However, for mobile users, WEB-based emails are accessed, and there is a new risk. If anti-virus software is not installed, the virus may spread once the enterprise network connection is established.
3. Lost LAPTOP: if the data in the laptop is valuable, consider disk encryption or tracing software. In addition, to prevent the laptop from spoofing Network Authentication, consider strengthening the authentication method. It is easy to use hacker tools to obtain the user name and password of the laptop. To prevent thieves from connecting to the network, consider encrypting the network connection and ensuring that the VPN user authentication method is not machine authentication.
4. Sleeping Trojans will be awakened at any time when they are asked, and the laptop will become a tool to initiate a Denial-of-Service attack, exposing enterprises to potential risks. The firewall can block many Trojans by blocking the corresponding ports.
5. Security/gateway VPN: VPN provides two security measures: encrypt data during transmission, and authenticate connected users and machines, however, unfortunately, this makes the notebook more a target for accessing the network. Therefore, it is strictly prohibited to separate transmission channels and improve user authentication.
6. Multi-Environment/Multi-policy: In the Security Policy, you need to consider the mobile user environment. Through the cooperation ISP or its own ISP users, you can directly access the network through the VPN, therefore, there must be strict standards for user orientation and access methods.
7. Operating System: Use a standard and stick to it. configure a strong win2000, disable personal WEB Services and other unnecessary services, and fill in all the necessary supplements.
8. User-managed security: users cannot manage their own security. If they are warned of security events, they can seek help or close security programs, enterprise-level tools allow transparent security measures to common users and leave policy definitions to network experts.
9. Simple policy: the biggest security problem is misconfiguration policies. To obtain the best effect from security tools, select a common approach and a familiar structure, and update and check security measures frequently.
10. Warning or no warning: consider the support and response when a security issue occurs. How can the data be collected if it is scanned? Include invisible costs under control by collecting monitoring data. The best method may be an independent application tool. Anti-virus software can isolate worms. The firewall automatically shields problematic ports and provides 24x7 monitoring and analysis.