Whether it’s our favorite blanket, a cup of hot chocolate or our pet pit bull (in my case, that is), the human race craves comfort and peace of mind. When it comes to your network’s security, what gives you real peace of mind? For me, it’s proper network documentation (and nope, I don’t mean the whole makeshift Wiki, sticky notes on racks, SharePoint type arrangement).
I’ll say it again: what gives me peace of mind is the documentation. You may be wondering: does network documentation really help secure the network? Like most things in life, the simple answer is...yes and no. First and foremost: if you don’t know what you have or where it is, how can you secure it?
Imagine buying your dream house. It’s a 14 room mansion with lots of windows and doors. You found an amazing deal on it and you can’t wait to move in your furniture and valuable possessions. The one catch? It’s in a not so great location. So, what do you do? Do you just move in your things, lock the front door and call it a day? Probably not. You probably go around and check out which windows someone could enter through, where all the doors are and make sure all the appropropriate locks actually work.
Same rules apply for your network. You can’t lock down your network and safeguard it if you don’t know what you have and where it all is, right? For example: if there is an entry or exit to your network that’s connected to the internet - and you don’t know about it: yikes! You can’t secure your house if you don’t know where the points of entry are; the same applies to your network. It only takes one unlocked door, one overlooked point of entry...
So, when you know and visualize what you have, where it is and how everything is connected, you can secure your network.
Here’s the network documentation you should have, at a minimum:
*Document the entry points and exits for your network. Doing so helps you better predict where certain security breaches could arise in the future.
*Document all systems and applications that are running on your internal systems. This will give you visibility of your web-accessible systems.
*Document the applications and servers that face out to the world.
Proper network documentation and even minimal network documentation gives you points to concentrate on when you’re reviewing your security and ensuring your equipment is up-to-date with current security patches. Document your network and get greater peace of mind at night (and don’t forget to give your pet pitbull a cookie).