Network Security

Network Hardening

Following a network breach, I identified the organisation's key vulnerabilities and recommended three core hardening measures — MFA, a robust password policy, and regular firewall maintenance — to significantly reduce future attack surface.

Context: Post-Breach Response
Controls: MFA · Passwords · Firewall
Threat: Brute Force · DoS/DDoS

The Situation

After the organisation experienced a network breach, I was tasked with identifying the vulnerabilities that were exploited and recommending concrete hardening measures to prevent recurrence.

Three core controls were identified as the highest-impact, most practical measures the organisation could implement immediately to reduce its attack surface and improve network resilience.

Three Core Controls

🔐 Multi-Factor Authentication (MFA)

Requires users to verify their identity using more than one method before accessing systems or applications.

MFA methods include fingerprint scans, ID cards, PINs, and passwords. It is especially critical for administrator-level accounts and should be enforced consistently across all users.

🔑 Strong Password Policies

A defined and enforced password policy that sets clear rules for complexity, length, and behaviour.

Policies should specify minimum length, acceptable characters, and prohibit password sharing. Rules around unsuccessful login attempts — such as locking accounts after five failures — should also be enforced.

🧱 Firewall Maintenance

Regular review and updating of firewall rules and security configurations to stay ahead of evolving threats.

Firewall rules should be updated whenever a security event occurs — particularly any event that allowed suspicious traffic through. This measure is effective against DoS and DDoS attacks.

Why These Three

🔐 Why MFA

MFA significantly reduces the likelihood of a successful brute force or credential-stuffing attack. Even if an attacker obtains a password, they cannot access the system without the second factor. This is especially important for admin accounts, which represent the highest-value targets on any network.

🔑 Why Password Policies

Weak passwords remain one of the most common entry points for attackers. A well-enforced policy eliminates trivially guessable credentials, prevents password reuse, and — through account lockout rules — limits the effectiveness of automated credential attacks.
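
The lockout rule from the password policy above (lock an account after five failures), shown as an added example that is not part of the original write-up. It assumes the failures are counted consecutively, that a successful login resets the count, and that a locked account stays locked until an administrator intervenes; the class name, function name and sample events are constructed for illustration.

```python
from dataclasses import dataclass, field

LOCKOUT_THRESHOLD = 5  # from the policy above: lock accounts after five failures


@dataclass
class LockoutTracker:
    """Tracks consecutive failed logins per account (hypothetical helper)."""
    threshold: int = LOCKOUT_THRESHOLD
    failures: dict = field(default_factory=dict)  # account -> consecutive failures
    locked: set = field(default_factory=set)

    def record(self, account: str, success: bool) -> str:
        """Apply one login attempt and return the resulting decision."""
        if account in self.locked:
            # Once locked, even a correct password is refused.
            return "rejected-locked"
        if success:
            self.failures[account] = 0  # a good login resets the counter
            return "allowed"
        count = self.failures.get(account, 0) + 1
        self.failures[account] = count
        if count >= self.threshold:
            self.locked.add(account)
            return "locked"
        return "failed"


# Constructed sample events (account, password_correct); not real log data.
SAMPLE_EVENTS = [
    ("alice", False), ("alice", True),            # one typo, then success
    ("admin", False), ("admin", False), ("admin", False),
    ("admin", False), ("admin", False),           # fifth failure triggers lockout
    ("admin", True),                              # correct password after lockout
    ("alice", False),                             # alice's counter restarted at 1
]


def replay(events, threshold=LOCKOUT_THRESHOLD):
    """Run events through a fresh tracker; return decisions and locked accounts."""
    tracker = LockoutTracker(threshold=threshold)
    decisions = [tracker.record(account, ok) for account, ok in events]
    return decisions, sorted(tracker.locked)


if __name__ == "__main__":
    decisions, locked = replay(SAMPLE_EVENTS)
    for (account, ok), decision in zip(SAMPLE_EVENTS, decisions):
        print(f"{account:6} correct={ok!s:5} -> {decision}")
    print("locked accounts:", locked)
```
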

🧱 Why Firewall Maintenance

A firewall is only as effective as its ruleset. Without regular review and updates, rules can become stale — allowing traffic patterns that should be blocked, or blocking legitimate traffic unnecessarily. Post-incident updates ensure the firewall reflects current threat intelligence.

What This Demonstrates

Ability to analyse a security breach and identify the underlying controls that were missing or insufficient.
Practical understanding of MFA — how it works, why it matters, and where it should be prioritised (admin accounts first).
Knowledge of password policy components including complexity requirements, sharing prohibitions, and lockout thresholds.
Understanding of firewall management as an ongoing process, not a one-time configuration — especially in the context of incident response.
Ability to communicate security recommendations clearly, with justification for each control's effectiveness against specific attack types.