Industrial Network Security

The book I read to research this post was Industrial Network Security by Eric D Knapp which is an excellent book. If you have a job connected with computer security this is definitely the sort of book you should be reading. This book explains the various options connected with hardening your network and focuses mainly on windows. If you have any vulnerabilities on your network you should either generally download a patch if available, or remove the service or isolate the computer. You should make a list of what you are protecting and include what the result of damage might be. Nuclear Power Stations in America and this books takes an american viewpoint, have 5 layers of protection typically. This means you have to enter 5 strong passwords, all different. Each layer offers a slightly different type of protection and combined they conform to the rules governing Nuclear Power Stations. They will also have a whitelist listing who can use which server and any software on there. A Nuclear Power Station is an extreme example but you must consider what needs the most protection & you must also make sure it's affordable. Another thing is you shouldn't have people going in sensitive areas with smartphones or flashdrives. It's amazing how lax many companies in Britain are on that line. You should either block or remove any unused USB ports. A lot of espionage is done by disgruntled employees and you should limit what they have access to, to what is essential for them to do their job.