{"id":8187,"date":"2014-10-23T08:02:55","date_gmt":"2014-10-23T12:02:55","guid":{"rendered":"http:\/\/www.engineeringradio.us\/blog\/?p=8187"},"modified":"2023-03-26T09:25:48","modified_gmt":"2023-03-26T13:25:48","slug":"network-security-part-ii","status":"publish","type":"post","link":"https:\/\/www.engineeringradio.us\/blog\/2014\/10\/network-security-part-ii\/","title":{"rendered":"Network Security, part II"},"content":{"rendered":"\n<p>With the spate of ransomware and crypto virus attacks on automation systems, perhaps a quick review of network security is in order:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Isolate the automation system on a separate network from the general office network and do not allow internet access on the automation system&#8217;s workstations or servers.<\/li>\n\n\n\n<li>Use a separate switch for all automation network connections.<\/li>\n\n\n\n<li>install a small router between the automation network and the office network.\u00a0 On the router, the WAN port faces outward toward the office network, making the WAN port non-pingable.\u00a0 Grant access from the office network for certain users; e.g. traffic, music director, etc via access lists.\u00a0 Open up a few ports for VNC or RDP on the router so technicians can remotely access machines to do maintenance and troubleshooting.<\/li>\n\n\n\n<li>Use supported and up-to-date operating systems.<\/li>\n\n\n\n<li>Use separate admin and user accounts, make sure that admin rights are removed from user accounts, and keep machines logged in as users.\u00a0 This ensures that some errant DJ or other person does not install any unauthorized programs.<\/li>\n\n\n\n<li>Install and keep up to date with a good antivirus program.<\/li>\n\n\n\n<li>Back up the data and test the backups.<\/li>\n<\/ol>\n\n\n\n<p>The office network is more vulnerable because of the human element.\u00a0 Internet access is required, of course.\u00a0 Click on a pop-up, sure!\u00a0 Hey, that photograph has a funny file extension, lets&#8217;s open it and see what it is.\u00a0 I never heard of this person before, but look, they sent me an executable!<\/p>\n\n\n\n<p>Much of the office network security will rely on the quality of the router connected to the internet and the antivirus software installed.&nbsp; Of course, the network users have a good deal of responsibility also.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With the spate of ransomware and crypto virus attacks on automation systems, perhaps a quick review of network security is in order: The office network is more vulnerable because of the human element.\u00a0 Internet access is required, of course.\u00a0 Click on a pop-up, sure!\u00a0 Hey, that photograph has a funny file extension, lets&#8217;s open it &hellip; <a href=\"https:\/\/www.engineeringradio.us\/blog\/2014\/10\/network-security-part-ii\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Network Security, part II<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[260],"tags":[187,147],"class_list":["post-8187","post","type-post","status-publish","format-standard","hentry","category-it","tag-network","tag-security"],"_links":{"self":[{"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/posts\/8187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/comments?post=8187"}],"version-history":[{"count":3,"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/posts\/8187\/revisions"}],"predecessor-version":[{"id":11233,"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/posts\/8187\/revisions\/11233"}],"wp:attachment":[{"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/media?parent=8187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/categories?post=8187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.engineeringradio.us\/blog\/wp-json\/wp\/v2\/tags?post=8187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}