The Essential Cyber Hygiene for your business
We hear about the Travelex, British Airways, Maersk and Equifax data breaches. Then some of us huddle together to figure out a plan to avoid such breaches in our own business. We think we need to get penetration testing done on our network, sign up for dark web monitoring, threat intelligence, etc. Not to mention that some of us just think 'it won't happen to us'. Over 90% of these incidents can be prevented by following basic cyber hygiene for your business. If you haven't already implemented any of these in your business, I highly recommend you do. Here are the hygiene standards.
This is the very first thing we need to do. We need to know what we are protecting, and hence we need to know what we have on our estate: an inventory of all the hardware, software and data/information. It will also help you identify the high-priority and low-priority elements so that you can start focusing on the right stuff. There are a number of free and paid tools that can help with this process.
If there is one low-hanging fruit (quick win) in security, it is this. You can do this straight away with very few resources required. Harden your authentication methods for your systems. Implement two-factor authentication. Most businesses are on Office 365 for their emails now and it's easier than ever to implement two-factor authentication on your emails. After all, 95% of the successful cyber attacks start with an email. We need to protect it.
Also, if you have multiple logins for various different applications, look into Single Sign-On. It will make life easy for users and help to eliminate the risk of using weaker passwords. I recommend having Single Sign-On with two-factor authentication enabled. Most applications now support SSO and two-factor authentication.
Change the default passwords on the firewalls. Close the unnecessary ports. Restrict the remote admin access to specific IP addresses. Keep the firmware up to date.
I am amazed when I hear that printers, routers, firewalls, etc. still have the same default login details. Change them, and change them now. Remove the unnecessary applications and features on your network. Having them only costs you time and money, as you need to maintain them. If you are deploying new PCs or infrastructure, it is the best time to harden and standardise your security controls. Also, have a proper onboarding and offboarding procedure for employees. Remove/disable the accounts of people who have left the company.
Don't use free antivirus software. It is free for a reason. Get robust software that can block the known and unknown threats. Keep it up to date. Have regular scanning enabled.
As I said above, 95% of the successful cyber attacks start from an email. Stop the spam and phishing emails before they hit your users' inboxes. Implement an email spam-filtering solution. This won't cost you much and yet improves your security posture a lot. There are some really good solutions out there including Office 365 Advanced Threat Protection, Mimecast, EveryCloud, etc.
User Education & Awareness Training
Make sure your employees know what good security practice is: having strong passwords, not acting on links in emails, verifying changed bank details, double-checking funds transfer requests, not posting sensitive business information on social media, not writing down passwords and leaving them under the keyboard, etc. Provide adequate training to your users. The training can be online, offline, whatever suits your business needs.
There are no silver bullets in cybersecurity, but this is as close as you can get. Patch your systems. I am not just talking about Microsoft patches but also third-party applications: Java, Adobe, Chrome, VLC, etc. You get the gist. Having a centrally managed patch solution will help you a lot. I would also recommend that you have a vulnerability management solution or regular vulnerability assessments done on the network. You will know where your loopholes are and which to fix first.
Backup, backup and backup. Did I say backup? This will save your bacon. Back up your systems regularly, keep the backups offsite, don't leave them in your car boot, and test them regularly. A backup that is not tested is not a backup. If you are backing up on the same network, it's a good idea to segregate the backup to a separate network.
Do you have a DR site? Depending on the budget, you might have a cold, warm or hot site for your DR. When did you last test it?
Who has access to what? Apply the principle of least privilege: give users only the least amount of privileges on the network that they need to perform their job. If you are not sure where to start, do a quick permissions audit. Use administrative privileges to perform only admin tasks and not regular activities like web browsing, checking emails, etc. Restrict admin access to authorised personnel only.
Monitor the activity on the network. Some companies use a Security Information and Event Management (SIEM) platform to collect the logs across the network and stay on top of the network activity. If an incident happens, they can trace it back through the SIEM. It may not be suitable for all businesses as it does come with a cost. There are other cost-effective solutions available and you only need to look around to see what fits your business.
Also, monitor your controls on a regular basis and make improvements.
The large companies usually have an Incident Response Plan. What about the rest of us? Prepare your plan. What happens when an incident occurs, who investigates it, what's the course of action, where are your backups, who pulls the trigger on the Disaster Recovery plan, who speaks to the media, how do you ensure business continuity, etc. Regardless of the size of the business, you will need to have a plan.
Lastly, cyber insurance. Consider taking out a policy. There is nothing in cybersecurity called 100% secure. We are only trying our best to mitigate the risk as much as possible. Incidents do happen. When they do, our backups might save us, the plan might save us, and when everything else fails your insurance will cover some of the costs.
I hope that helps. No business is an exception for cyber risk. Prevention is 100 times better than cure. Be proactive. If you have the skills in-house to do all the above, that's brilliant; if not, hire an expert. We are here to help. Thank you.