Network security – Simple ways to lock down your network

Lock It Up!
Network devices provide PCs, Smartphones, printers and other devices a connection to information on servers and a connection to the internet. Any access point that you add to the network is now a touch point that must be managed. These devices are not “set it and forget it” technologies and need to be updated, swapped and managed. Here are some ways to ensure your network is not being accessed maliciously:
- Default passwords – any time you put in equipment, whether it is a router, WiFi, copier or switch, the default passwords need to be changed. All of these units are preconfigured with a default admin username and password that is available on the internet. If you don’t change these credentials, anyone can log into these devices and give access or steal files from hard drives.
- Vulnerability Appliance – It’s important to be notified when a device is connecting to your network. There are many software companies that can put an appliance on your network for a monthly fee and scan for any new devices or vulnerabilities. If a new device gains access, an email is sent to an admin as a “heads up.”
- Firmware Updates – these are Windows Updates for equipment released by the manufacturer to increase performance and to patch security holes. A check should happen at least once a year.
- Ensure Wireless networks are using WPA2 Security Protocol with AES encryption.
- Firewall Lockdown – the firewall is the router that sits between your network and the internet (connected to your ISP). Here are some critical lockdowns that must be done:
- Change default username/password.
- Turn on brute force attack handling to limit the number of connection attempts at a time.
- Close Ports! Think of your firewall as a brick wall. A port is a brick that makes up the wall. Applications run on specific posts, and in order for them to communicate with the internet, ports need to be open. If you must open a port (for email or other communication), ensure you only allow traffic from a specific IP address. For example, if you have a second office that needs access to a program at the main office, setup the port to only allow traffic from the second office’s IP address.
- Update firmware and do yearly penetration testing.

Related Insights
Is your business truly protected 24/7?
March 24, 2025
Is your business truly protected 24/7? A SIEM (Security Information and Event Management) solution is more than just a compliance tool—it’s a crucial asset for business security. ✅ Detect threats early, whether… Read more
Anti-Virus Software vs. Endpoint Detection and Response
February 26, 2025
Is your business still relying on outdated anti-virus software security? Traditional antivirus only stops known threats. EDR uses AI and real-time monitoring to detect and stop attacks before they spread, even if… Read more
What is vulnerability scanning?
March 29, 2023
Just because you’re not using an application doesn’t mean it’s not vulnerable. Vulnerability scanning is a platform that will look for weaknesses on the systems and hardware that live on your network…. Read more