6 Top Tips to Prevent Cyber Attacks
What do Sports Direct, BUPA, Equifax, NHS and TalkTalk have in common? Well, they are all victims of cyber attacks. The bad guys stole millions of records from these companies. The latest of these victims is Equifax, and at the time of writing this article there are more than 30 lawsuits filed in the US against Equifax (read the news article here). Bad guys have stolen the personal information of 143 million Americans in one of the largest hacks ever. The breach reduced the Equifax market value by $3.5bn in just two days.
This can happen to any of us, especially if we take a reactive approach to our information security. We have approached many companies offering help, and more often we get a response saying 'I think our network is pretty secure and nothing happened to us so far'. There are companies who can afford a dedicated resource to secure their data, but this comes at a cost. So, what can we do to prevent it from happening? It would be great to have just one solution that fixes everything, but sadly that's not the case. It simply doesn't work that way. Here are a few simple steps you can take.
1. Network Firewall
Invest in a proper network firewall and do not open ports that do not need to be open. If the firewall supports it, you can also turn on SMTP [email traffic] filtering. You can find more advice on selecting the right antivirus solution for your business here.
2. User Education
No matter what firewalls, anti-virus software and other protection you use, user education is vital. Most of the recent attacks happened simply because a user clicked on something they shouldn't have or opened an email attachment they shouldn't have. Have a training program in place for your users. These days you can train your users through online training and consistent reminders. You can even run phishing tests yourself to see how many users are still clicking the links and whether the training program works. Find out which training solution is best for you here.
3. OS & AV updates
Make sure your operating system [more likely, Windows] is up to date. Stop using dated operating systems unless you have no choice. Unless you have a reason to stay on Windows 7, upgrade your network to Windows 10. It's much faster and more secure. Your IT department will look after this for you, but if you don't have one, ask your IT provider. Keep the anti-virus [AV] up to date. Most AV software updates over the Internet every few minutes, or you may have an update server sitting in your IT room. Whatever the case might be, make sure your AV is up to date. AV vendors generally know what's happening around the globe and release updates as soon as.
4. Email Filtering
As mentioned above, most of the recent attacks are the result of a user action taken within emails: either clicking a link in the email or opening an attachment. Hence email protection can really help. It filters out the junk and stops it before you even notice it. You can get the service for as little as £1 per month per user; one day of downtime will be more expensive than that.
5. Backups & Disaster Recovery
The fact is, bad guys adapt faster than us. Regardless of how many proactive measures we take, sometimes we will fall short. I hate to say this, but the unexpected might happen at times. The best strategy to get back in business in an event like this is to have proper, tested backups. When did you last take your backup and when did you test it? Do you have a Disaster Recovery plan for your IT? If your building disappears tomorrow, how quickly can you get back your data? Do you have a copy of your backup off-site? These days you can do cloud backups at very minimal cost.
6. Save files on server
This is a follow-up to the point made above. Save all your working files on the server, OneDrive, Dropbox or whatever you use. Don't save them on your desktop. Your servers are backed up regularly and they keep the files for months, which means you can restore the data if something bad happens, and you can also go back months to restore an earlier version of a file.
If you need help in preventing cyber attacks in your business or just want some advice, get in touch with one of our experts here who will be happy to help.