Being turned off by network security (it’s a good thing)

Share

john-osinga
John Osinga

John Osinga
IT COLUMNIST

Improving network security does not necessarily need be complicated, nor does it always require a lot of investment, as often the simplest of implementations can result in the highest level of security.

One of the key phrases being brandished by the information technology sector is that businesses need to have a layered security approach.

This concept acknowledges that no one single aspect of security is guaranteed to protect your business. As such, it is imperative that the IT person who is actively managing your dealership network has in place several differing technologies, hardware, software, training, policies and procedures in place to help reduce the attack surface and vulnerability cross section of the store.

As such, being turned off by network security can be one important part of a layered security approach in protecting your network.

Sleeping Dogs Don’t Get into Trouble
It is a simple fact that there is no security threat to a computer or device when it is turned off.

Are the vast majority your systems turned off each evening? If not, why?

There are multiple reasons for shutting down computers and related equipment in the building each day. It allows new security patches and software updates from the vendor to be installed, as many updates require the PC to be rebooted in order to become active.

If your network is breached by a hacker late in the evening or early morning they will find a virtual wasteland as there are no computers up and running on your network and there is no place for them to inflict damage.

Most important are the infections of backdoor viruses that are, on occasion, installed on the local computer. These viruses often will call home to the malware creators offering them a way to remotely connect to one or more of your computers.

If the PC happens to be turned off during the time scheduled by these viruses to call home to their command and control centers they cannot communicate or allow the hackers a way to remote into the PC.

We attempted to make it a company policy that staff would be responsible for shutting down their computers each day but the results were sporadic at best.

The solution to consistently shutting down each computer is using software within the device itself. There are multiple methods including scripts, batch files and direct commands that cause the computer to shut down on a designated schedule.

An easy method for turning off a Windows-based computer is using the task scheduler and setting the shutdown.exe /s command to run late in the evening (I suggest 10 pm).

When this command is processed and automatically run the PC will shutdown of its own accord.

There are many third-party software utilities for purchase that can also shut down virtually any brand of computing device at any specified time.

For at least eight hours a day, the majority of your computer network can be automatically shut down and turned off. This provides an incredibly high level of security with very little cost or time to implement.

Put the Web to Bed
Another aspect that you might consider is the connection to the Internet.

Does your store require a connection to the Internet 24/7? If not, then severing or turning off the Internet connection during the time your business is closed provides a tremendous layer of security.

One way to accomplish this is by using the scheduler in the local network appliance (the device that controls the connectivity to the Internet) and telling the system to turn off the LAN to WAN connection (internal network to Internet connection). This could be instituted well after a normal workday ends (10 pm).

You also have to set the scheduler to restore the network connection before the workday begins. I suggest around 5 am.

This means that your store will have at least seven hours a day of high security in place as the result of not having outgoing or incoming communication taking place from the physical network to the Internet.

The cost for this is negligible and the resulting security protection level is high.

The Internet is worldwide. While you and your IT team are sleeping, it is daytime on the other side of the world meaning hackers never sleep.

Without sounding like an alarmist, there is always someone somewhere looking for a new conquest. If your network connection to the Internet is turned off each evening and all your computers are shut down there is virtually no way for those who would do your business harm to remotely access your network during this period.

Once this feature and layer of security are considered as a viable way to add a level of protection to the dealership, it opens the door to considering many other ways to turn off other aspects that do not need to be up and running on a continual basis.

Automating the features required to shut down and/or restart non-essential services or equipment, without the need to manually maintain or monitor them provides an efficient and cost-effective way to add a whole new dimension to the layered security of the store.

Hopefully, you are now turned on to being turned off by network security.

John Osinga is an IT manager for a Chrysler and a Mazda store in London, Ont. With over 20 years of experience in the automotive sector and many more years in the technology field. He has consulted with numerous dealerships throughout Canada. He can be reached at johnosinga@gmail.com