To improve computer network security, network administrators need to minimize the use of administrator accounts, use full-disk encryption and disable remote router administration. They should keep programs up-to-date, lock down virtual private network, VPN, access and avoid using third-party routers and wireless access points.
VPN clients position operating systems outside the protection of a network firewall. Security practitioners need to restrict what VPN users access by applying access-control lists to mail servers and select Internet resources. Using administrator accounts for daily computing activities leaves the network vulnerable to threats encountered when browsing the Web and accessing email. Computer users need to create a standard user account for daily use and save the administrator account for necessary tasks such as installing programs and updates.
Full-disk encryption provides an added layer of protection and secures the entire contents of the computer, including the operating system. Organizations can choose from various third-party full-disk encryption programs. These programs prevent thieves and hackers from gaining access to the user's sensitive data. Network administrators should update all third-party programs whenever prompted, since these updates deliver critical security patches that may protect the network against security attacks.
Virtually all routers have a remote administration feature that lets individuals log in to view and change router settings from the Internet. To minimize the risk of unauthorized access to the network, administrators should disable this feature so that people can only perform administrative chores from within the network.