The more services a network offers, the more likely it is to face intrusion risks. It is recommended to deny everything except what has been explicitly permitted.

Follow the following guidelines:

  • Do not allow services into your network without justification.
  • Provide only one entry and exit point to your network.
  • Periodically train all users on evolving security procedures.
  • Document any network changes, new systems, and updated Network Operating Systems (NOS).

All employees must follow the security policy. The largest single cause of security losses is from employees not following policies and procedures.