Before we get started, no guide to designing and setting up an intranet would be complete without some reference to intranet security. Ensuring the security and integrity of all the information and data on your intranet will be a top concern regardless of which option you choose to deploy. And security isn’t just about external threats to your network. It’s also about ensuring that the right staff are accessing the right information.
Now intranet security is a complicated topic that almost warrants its own manual and so here we only scratch the surface. If you are interested in finding our more detail then please check out the following intranet security posts.
Even internal, closed networks are susceptible to hackers or malicious software including worms, viruses, and malware and so at the very least you will need to install a firewall. This acts as a protective barrier between your intranet and the wider world wide web and although it is not foolproof, when it comes to cyber safety, it’s an essential first line of defense. Similarly, you will need to install an effective email filter to guard against phishing, spyware and malware.
Another minimum requirement is anti-virus software, but as the threat from viruses is constantly changing, make sure you update your software on a regular basis.
Staff members choosing weak passwords that are easily compromised is an issue. Counteract this threat by forcing employees to change their passwords on a regular basis and encourage the use of symbols and numbers as well as letters.
Restrict access to sensitive information by using role-based file and page permissions so that staff can only view data that is pertinent to their work. And make sure that you quickly delete the accounts of employees that no longer work for you.
This is the process of converting data into an unrecognizable or encrypted form. The standard way to achieve this is through Secure Socket Layer (SSL) technology. Utilizing SSL will protect sensitive business documents and information on your intranet. Some cloud intranet providers use the latest Health Insurance Portability and Accountability Act (HIPPA) compliant applications via Amazon Web Services (AWS). As well as being used to encrypt data in transit, AWS also has features that can be used to meet HIPAA requirements for auditing, backups, and disaster recovery.
With the do-it-yourself intranet options, it’s your responsibility to install and update these security features. With a cloud option, however, the intranet provider retains responsibility for all security matters and so if you think phishing is something you do from a boat, then this could be an important advantage to take into consideration.