Access control
As an application or network owner, we should know who or what is accessing our network resources. If we do not know or do not keep track of our activity and instead just assume what is happening on the network, we cannot guarantee data security and the safety of end-users.
We need to start with the basics of security. This begins with understanding what's on our network.
Asset classification and physical security
The most basic (but often most overlooked) element of network security involves keeping hardware protected from theft or physical intrusion.
As mentioned earlier, the first thing we need to classify is our assets. Once data classification is identified, network servers, network switches and other core network components should be protected in well-guarded facilities. Cages and racks should be locked and permission should be granted based on requirements with proper approval and proper security guidelines.
Authentication, authorization, and accounting
Authentication, authorization...