IDS, IPS, NIDS, & Firewalls

Sensitive data should be transferred only over a trusted, encrypted connection. To keep the company’s data secure from outsiders, precautions such as firewalls, an IDS, an IPS, and a vulnerability scanner should be implemented. Strong cryptography and security protocols such as IPsec tunnels and VPNs should be used to protect the data during transmission over outside networks. The transfer of personal information from a third party to the company, usually through a web site, should be completed through our secure servers, which should use high-level encryption. Any electronic communication containing sensitive information should be encrypted any time it is sent outside the company. Particularly sensitive communications should be encrypted at all times, even when sent internally. To avoid an accident, the email server can be set to use only encrypted emails.

Installing an intrusion prevention system (IPS), which enhances a network intrusion detection system (NIDS), will allow administrators to monitor and notice any suspicious network traffic patterns. An NIDS monitors network traffic between the internal network and external networks. It uses signature recognition to notice anomalies by reading the TCP flags. An IPS blocks traffic that is flagged as malicious, stops suspicious network traffic, and monitors executing processes that may disable the network.
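
The following is an added example, not part of the original page, of signature recognition on TCP flags: it reads the flag bits from raw TCP headers and matches them against flag combinations that do not occur in normal TCP traffic. The signature names, helper functions and sample headers are assumptions constructed for illustration, not the rule set of any particular NIDS.

```python
import struct

# TCP control bits, carried in the low 6 bits of bytes 12-13 of the header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
FLAG_MASK = 0x3F

# Illustrative signatures (assumed): each is a name plus a test on the flag bits.
SIGNATURES = [
    ("null-flags", lambda f: f == 0),                         # no flag set at all
    ("syn-fin", lambda f: f & (SYN | FIN) == (SYN | FIN)),    # open and close at once
    ("syn-rst", lambda f: f & (SYN | RST) == (SYN | RST)),    # open and reset at once
    ("fin-psh-urg", lambda f: f == (FIN | PSH | URG)),        # no ACK on a data/close segment
]

def tcp_flags(header: bytes) -> int:
    """Extract the six classic flag bits from a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    # Fields: src port, dst port, seq, ack, offset+flags, window, checksum, urgent.
    fields = struct.unpack("!HHIIHHHH", header[:20])
    return fields[4] & FLAG_MASK

def match(header: bytes) -> list:
    """Return the names of all signatures the header triggers."""
    try:
        flags = tcp_flags(header)
    except ValueError:
        # A header too short to parse is itself worth an alert.
        return ["truncated-header"]
    return [name for name, test in SIGNATURES if test(flags)]

def build_header(flags: int, sport: int = 40000, dport: int = 443) -> bytes:
    """Build a constructed 20-byte TCP header (data offset 5) for testing."""
    return struct.pack("!HHIIHHHH", sport, dport, 1, 0, (5 << 12) | flags, 1024, 0, 0)

def scan(headers) -> list:
    """Return (index, alerts) for every header that triggers a signature."""
    return [(i, a) for i, a in ((i, match(h)) for i, h in enumerate(headers)) if a]

if __name__ == "__main__":
    # Constructed sample traffic: a normal handshake followed by anomalies.
    sample = [build_header(SYN), build_header(SYN | ACK), build_header(ACK),
              build_header(0), build_header(SYN | FIN),
              build_header(FIN | PSH | URG), b"\x00" * 10]
    for index, alerts in scan(sample):
        print(f"packet {index}: {', '.join(alerts)}")
```

A detection-only sensor would log these alerts; an inline IPS using the same signatures would drop the matching segments instead of forwarding them.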