6 Top Tips to Prevent Cyber Attacks
What do Sports Direct, BUPA, Equifax, NHS and TalkTalk have in common? Well, they are all victims of Cyber attacks. The bad guys stole millions of records from these companies. The latest of these victims is Equifax and at the time of the writing of this article, there are more than 30 Lawsuits filed in US on Equifax (read the news article here). Bad guys have stolen personal information for 143 Million Americans in one of the largest hacks ever. The breach reduced the Equifax market value by $3.5bn in just two days.
This can happen to any of us. Especially if we take a reactive approach to our Information security. We have approached many companies offering help and more often we get a response saying 'I think our network is pretty secure and nothing happened to us so far'. There are companies who can afford a dedicated resource to secure their data but this comes at a cost. So, what can we do to prevent it from happening? It would be great to have just one solution that fixes everything but sadly that's not the case. It simply doesn't work that way. Here are a few simple steps you can take.
- Network Firewall
Invest in a proper network firewall and do not open the ports that are not needed to be open. If the firewall supports you can also turn on the SMTP [email traffic] filtering. You can find out more advice to select the right antivirus solution for your business here.
2. User Education
No matter what firewalls, Anti-virus software and other protection you use user education is vital. Most of the recent attacks were happened just because of an user clicked on something they shouldn't have or opened an email attachment they shouldn't have. Have a training program in place for your users. These days you can train your users through online training and via consistent reminders. You can even run phishing tests yourself to see how many users are still clicking the links and if the training program works. Find out which training solution is best for you here.
3. OS & AV updates
Make sure your Operating System [more likely, windows] is up to date. Stop using dated Operating Systems unless you have no choice. Unless you have a reason to be Windows 7 upgrade your network to Windows 10. It's much faster a more secure. Your IT department will look after this for you but if you don't have one, ask your IT provider. Keep the anti-virus [AV] up to date. Most AV software update over Internet every few mins or you may have an update server sitting in your IT room. Whatever the case might be, make sure your AV is up to date. AV vendors generally know what's happening around the globe and release updates as soon as.
4. Email Filtering
As mentioned above, Most of the recent attacks are the result of an user action taken within emails. Either clicking a link in the email or opening an attachment. Hence an email protection can really help. It filters out the junk and stops it before you even notice it. You can get the service for as little as £1 per month per user, your one day downtime will be more expensive than that.
5. Backups & Disaster Recovery
The fact is, bad guys adopt faster than us. Regardless of how many proactive measures we take sometimes, we will fall short. I hate to say this but unexpected might happen at times. The best strategy to get back in business in an event like this is to have proper tested backups. When did you last take you backup and when did you test it? Do you have a Disaster Recovery plan for your IT? If your building disappears tomorrow how quickly can you get back your data? Do you have a copy of your backup off-site? These days you can do cloud backups at a very minimum cost.
6. Save files on server
This is a follow up to the point made above. Save all your working files on the server or OneDrive or Dropbox whatever you use. Don't save them on your desktop. Your servers are backed up regularly and they keep the files for months which means you can restore the data if the something bad happens as well as you can go back in months to restore an earlier version of the file.
If you need help in preventing cyber attacks in your business or just want some advice, get in touch with one of our experts here who will be happy to help.
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Is it a good idea to build your own Security Awareness Training platform?
- Fake invoice email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- 5 things to consider when selecting a Security Awareness Training (SAT) platform
- 2 Years, Marmite and £600,000
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- Cyber Essentials Demystified
- How to choose a Security Awareness Platform
- How to pick the best Antivirus software for your business
- 6 Quick and Easy Email Security Tips for Dummies
- How to carry out a baseline email phishing test
- Hackers On Tour
- How to share passwords safely in your Small Business
- In the news - Warning. North Sea firms likely already attacked
- 10 Steps to Cyber Security
- 5 Reasons why you should consider having two monitors
- What is Email phishing & why you need security awareness training in your business
- How to choose the best IT Service Provider for your business
- How to choose the best Antivirus software for your business
Secure Your Supply Chain
You might take Cyber Security seriously, but how about your suppliers? Here is why you need to secure your supply chain, now.More
Case study: British Airways Fined £183.4million for Data Breach
The UK's Information Commissioner's Office has declared that it intends to fine British Airways a record total of £183.4m because of a data breach it suffered during the summer of 2018.More
The Silver Bullet in Cyber Security
Even large companies with all the best security in place become victims of malware attacks because they don't do their updates. Find out why patch management is so important for your company.More
Is it a good idea to build your own Security Awareness Training platform?
Should you build your own Security Awareness Training platform? Nope! And here are the reasons why.More
FOR LATEST UPDATES SUBSCRIBE HERE: