Cybersecurity is more critical now than ever. Those seeking to access your information are constantly upping their game. Whether they slip in through the backdoor with a simple malware-laden phishing email or they quietly enter through your network and encrypt your data, you need to be prepared. What can you do to prevent data loss and downtime?
Start by reading our checklist: 15 Must-Do Things to Protect Your Business From a Cyber Attack. It will give you an overview of the preliminary steps to take to help protect yourself and your livelihood.
1) Risk Assessment
You need to establish a baseline understanding of the risks facing your organization before you can effectively write security policies and spend money on technical controls.
2) Written Security Policy
Policy guides employee behavior and sets expectations for how cybersecurity fits into your company’s strategy. It can also be used to guide you through a breach (incident response plan) when your hair is on fire.
3) Security Awareness
It’s well known that most cyber breaches are caused by employee misbehavior, such as engaging with phishing emails that ask them to wire money or open a malicious attachment. Training employees on what to look out for will significantly reduce your likelihood of a breach.
4) Passwords
Password managers such as LastPass should be used by all employees. This guarantees that passwords are long, complex, unique, and stored in a more manageable and simple way than having to remember passwords for disparate systems. Screen timeouts and setting the max failures before lockout are also important.
5) Multifactor Authentication
MFA will prevent hackers from brute-forcing into your VPN, from stealing online account credentials, and from accessing any other system you protect with MFA. Hardware tokens are the most secure, but soft tokens and other options are available as well.
6) Advanced Endpoint Protection
Your endpoint protection should include protection against file-less threats, behavior detection, and anti-ransomware functionality. Endpoints that “talk to” next-gen firewalls can help contain threats to a particular network zone.
7) Web Content Filtering
Almost 70% of all Internet traffic comes in via HTTPS (not HTTP). You need to enable web content filtering but be sure to also set your WCF up to decrypt, inspect, and re-encrypt HTTPS traffic. Otherwise, your security posture is dubious at best.
8) Encryption
There are two encryption use-cases. On servers, file-level encryption protects against data-scraping malware attacks. On mobile devices, encryption protects against attacks such as a hard drive getting removed from a laptop and inserted into the attacker’s system for their prying eyes.
9) Firewall
Everyone has a firewall, but not everyone configures IDS, IPS, and other advanced security features. Firewalls that “talk to” endpoints are becoming increasingly useful in combating attacks.
10) Backup
Good backups follow the 3-2-1 rule: 3 copies of the data (prod + 2 backups), 2 different media (disk/cloud/flash), and 1 offsite (cloud). Attackers have also started to target NAS devices and backup appliances, so make sure these things have MFA enabled, where possible.
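The 3-2-1 rule and the MFA point above can be checked mechanically against a backup inventory. The following is an added example, not part of the original checklist; the `Copy` record, its field names and both sample inventories are constructed for illustration, and it assumes the offsite copy must be one of the backups.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Copy:
    name: str        # label for this copy of the data
    medium: str      # "disk", "cloud", "flash", ...
    offsite: bool    # stored away from the production site
    is_backup: bool  # False for the production copy
    mfa: bool        # admin access to the device or service requires MFA

def check_321(copies):
    """Return a list of findings; an empty list means the inventory passes."""
    findings = []
    backups = [c for c in copies if c.is_backup]
    # 3 copies of the data: production plus at least 2 backups
    if len(copies) < 3 or len(backups) < 2:
        findings.append(f"copies: {len(copies)} total, {len(backups)} backups (need 3 and 2)")
    # 2 different media
    media = sorted({c.medium for c in copies})
    if len(media) < 2:
        findings.append(f"media: only {media} in use (need 2 different)")
    # 1 offsite (assumption: it has to be a backup, not production)
    if not any(c.offsite for c in backups):
        findings.append("offsite: no backup is stored offsite")
    # NAS devices and backup appliances are targets, so flag any without MFA
    for c in backups:
        if not c.mfa:
            findings.append(f"mfa: {c.name} has no MFA on admin access")
    return findings

# Constructed inventories for illustration
WEAK = [
    Copy("prod-fileserver", "disk", offsite=False, is_backup=False, mfa=True),
    Copy("office-nas", "disk", offsite=False, is_backup=True, mfa=False),
]
GOOD = [
    Copy("prod-fileserver", "disk", offsite=False, is_backup=False, mfa=True),
    Copy("office-nas", "disk", offsite=False, is_backup=True, mfa=True),
    Copy("cloud-vault", "cloud", offsite=True, is_backup=True, mfa=True),
]

if __name__ == "__main__":
    for label, inv in (("WEAK", WEAK), ("GOOD", GOOD)):
        print(label, check_321(inv) or "passes 3-2-1")
```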
11) Updates
Windows updates are important but so are updates to third-party apps such as Chrome and Adobe Reader. Cyber attackers can easily create a PDF, embed it with malicious JavaScript code, then run it through multiple encoders to let it march right through your firewall. To address this, ensure all Windows & 3rd-party apps are patched early and often.
12) Access Control
Implement the concept of “least privilege” everywhere, both on-premises and in the cloud. Only give users the privileges needed to accomplish their job function. If they’re in HR, don’t give them write access to the Engineering department’s file share. The key here is “If you can’t write to it, ransomware can’t encrypt it.”
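The write-access rule above can be audited from an export of share permissions. This is an added example, not part of the original checklist; the share, group and user names and the tuple layout of the ACL are constructed for illustration. It lists what a single compromised account could encrypt and which write grants cross department lines.

```python
# Constructed sample data: who owns each share, which department each group
# belongs to (None = company-wide group), and who is in each group.
SHARE_OWNER = {"HR-Files": "HR", "Eng-Designs": "Engineering", "Handbook": "HR"}
GROUP_DEPT = {"HR-Staff": "HR", "Eng-Staff": "Engineering", "All-Employees": None}
MEMBERS = {
    "HR-Staff": {"alice"},
    "Eng-Staff": {"bob"},
    "All-Employees": {"alice", "bob"},
}
# (share, group, right) entries as they might come out of a permissions export
ACL = [
    ("HR-Files", "HR-Staff", "write"),
    ("Eng-Designs", "Eng-Staff", "write"),
    ("Eng-Designs", "All-Employees", "write"),   # over-broad grant
    ("Handbook", "HR-Staff", "write"),
    ("Handbook", "All-Employees", "read"),
]

def writable_shares(user, acl):
    """Shares this account can write to, i.e. what ransomware running
    under the account could encrypt."""
    return sorted({share for share, group, right in acl
                   if right == "write" and user in MEMBERS[group]})

def excess_write_grants(acl):
    """Write grants held by a group outside the share's owning department."""
    return [(share, group) for share, group, right in acl
            if right == "write" and GROUP_DEPT[group] != SHARE_OWNER[share]]

def tighten(acl):
    """Downgrade every cross-department write grant to read."""
    excess = set(excess_write_grants(acl))
    return [(s, g, "read" if (s, g) in excess else r) for s, g, r in acl]

if __name__ == "__main__":
    print("before:", writable_shares("alice", ACL), excess_write_grants(ACL))
    fixed = tighten(ACL)
    print("after: ", writable_shares("alice", fixed), excess_write_grants(fixed))
```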
13) Penetration Testing
This valuable exercise answers the questions “how hackable am I?” and “how effective are my security controls?” Penetration testing is also required by most cybersecurity regulations and frameworks. Ethical hackers attempt to gain footholds in your network then provide remediation recommendations where weaknesses are found.
14) Incident Response
Even with good planning, your organization will eventually get breached. Incident response involves key items such as:
- How do we respond?
- Who gets involved?
- How should we restore business operations?
- How can we retain our reputation?
15) Cyber Insurance
Use this as a last line of defense if all else fails.
Great Lakes Computer Corporation offers a comprehensive suite of security and compliance services
Being secure means more than just throwing firewall and antivirus at the problem. To be secure, organizations need to regularly test their technical controls, review and update written policies, and ensure their users know how to interact with systems and data safely. We can help you do just that.