Protecting your WIFI network

Network Segmentation

An effective strategy to protect your practice network is network segmentation. This involves partitioning your WiFi network into smaller networks. This method aims to restrict the level of access to sensitive information, hosts and services while ensuring your practice can continue to operate effectively.¹

Tools to secure your network

• An intrusion detection system (IDS) monitors your network and system activity to detect malicious and unauthorised action. It does not prevent attacks on your system, but informs you if there is a potential problem so action can be taken.
• An intrusion prevention system (IPS) monitors and controls access to your IT network and takes action to block and prevent malicious and unauthorised action.
• A demilitarised zone (DMZ) acts as a neutral zone or protected space between your internal practice networks and external- facing connections such as the internet, web services and email. It prevents access to internal servers holding practice and patient data.
• Secure remote access provides a secure and reliable connection over the internet, most commonly using a VPN. A VPN uses encryption to prevent unauthorised reading of messages and authentication to ensure only authorised users have access to the system being connected to, and to ensure messages are not altered.
• Content filtering is the use of software programs to filter email and restrict access to the internet. Filtering for spam is the most common type of email filtering. Limiting access to known and trusted websites is also commonly used.
• Firewalls act as a gateway or barrier between a private network and an external or unsecured network (e.g. the internet). A firewall can be used to filter the flow of data through the gateway according to specific rules.
• It is recommended your practice information security lead works with your technical service provider to understand your practice’s unique environment and ensure your network is correctly monitored.​