Keeping your networks up and running is essential to your business. Without network access you can't send or receive emails, take on-line orders, access your on-line banking or take care of any of the other critical applications that drive your business forward. You might need a comprehensive network security solution. But what you really want is business continuity.

“Network security is no longer just an add-on to your IT infrastructure,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand's largest distributor of Fortinet's cyber security solutions. “It is an integral component of every node on your network: servers, end user devices including smartphones and laptops and switches. Ideally every one of these security applications work in concert with each other and your network. You should be able to see, via a dashboard, exactly what is happening on your network – traffic, users, data access and applications – so that you can adjust traffic flows if there are bottlenecks or block any unauthorised activity. This convergence of operations and security gives you more control than ever over your network and provides an unprecedented opportunity to ensure that your network operates at maximum efficiency.

Network operations and security go hand-in-hand. “You can't separate them,” continues Khan. “They are both equally essential to maintaining business continuity. As you monitor traffic patterns and user behaviour you can see immediately if there are any anomalies that might indicate a security event. At the same time you can ensure that you have allocated enough resource – processing power, bandwidth, etc – to fully support your users as they go about their business. And because you are building a complete profile of network activity, you can create comprehensive reports for cost accounting, governance and compliance. All of this delivered from your network security solution – Fortinet.

Security policy: The blueprint for protecting your business

To provide business continuity, planning is essential. “A well-thought out, comprehensive security policy is essential to keep your business processes performing at optimal efficiency,” says Khan. “Specifying your security policy is not a technical issue but a managerial and administrative imperative. You can leave the specific details of actually designing, installing and configuring your security framework to the professionals – be they in-house, a contractor or in the cloud – but you are responsible for giving them clear instructions. Anything else leads to confusion, cost over-runs, poor performance, gaps in your network security profile and, ultimately, lapses in your business continuity.

Start with what you have

Most businesses already have de facto internet security policies. “You have guidelines for appropriate use, policies on which staff can access which data, back-up and archive procedures to protect your data in case of a disaster and other key considerations,” continues Khan. “But have you specified what type of reports you need to satisfy compliance and overview requirements? Do you have a policy for locking down any personal devices that staff might be using to access your network? Do you have an emergency plan if your network is hit with malware? Or a disk failure? And do you have all of these procedures set out in one document available to key staff and a summary for everyone else?

“The best way to ensure that your security policy is up-to-speed is with a workshop and whiteboard including you, your IT people, key staff and any other IT-savvy staff,” continues Khan. “Outline what you have now, what you know, what you want, what you think the risks are and any other pertinent information. List, to your best ability, your data, applications, IT-related business processes, infrastructure, traffic patterns and internet usages and anything else that comes to mind. Once you have the general scope defined, you can start to drill down into specifics. And then you can create a working document.

It all comes down to understanding your business objectives. “Your goal is to keep your business running at peak efficiency,” concludes Khan. “Management techniques have been refined into a series of ‘best practices'. By adopting a programme of forward planning, specific network security policies, rigorous reporting in both real time and specific intervals and continuous review of performance you can ensure that your business processes will operate smoothly A sound network security policy, backed up and enforced by the right combination of hardware and software, are the twin tools that your business needs to compete successfully in today's network-centric economy.

Andrew Khan, Senior Business Manager Email: andrew.khan@ingrammicro.com M: 021 819 793

David Hills, Solutions Architect Email: david.hills@ingrammicro.com M: 021 245 0437

Hugo Hutchinson, Business Development Manager Email: hugo.hutchinson@ingrammicro.com P: 09-414-0261 | M: 021-245-8276

Marc Brunzel, Business Development Manager Email: marc.brunzel@ingrammicro.com  M: 021 241 6946