Recent Posts

Categories

Cybersecurity Awareness

It’s Cybersecurity Awareness Month 2022! Which, is where government and private sectors can join forces to educate people on how to protect their data. We have entered a digital age, where high speed Internet is readily available to the public. It is now commonplace for businesses and personal users to do everything online. This makes everyone a target and to be honest, everything is hack-able.

What is Cybersecurity?

Cyber security is the collective methods, technologies, and processes to help protect the confidentiality, integrity, and availability of computer systems, networks and data, against cyber-attacks or unauthorized access.

Implementing effective cybersecurity is becoming more challenging than ever. There are more devices online than there are people. The attackers are becoming more innovated. To protect your data, you have to add protections at multiple layers of the network.

Who is Responsible?

Cybersecurity is the responsibility of everyone in the organization. Not limited to only the IT department. This should be part of a culture. You teach your staff to use a new system or perform tasks. The education of cybersecurity should be no different. Another process or procedures to be incorporated into your organizations. Employees that access data or company email should know what to look for, what to do if there is an incident. They should be expected to understand and follow the policies.

What are some of the Best Practices?

Every company may have different risk thresholds and will also have different policies. Most businesses, large and small have some level of security in place. We have found the following often are overlooked and can be the simplest to put in place.

Train Your Employees

Do your employees know your security policies? Do they know what threats to be weary of? Not every employee has the same level of technical capabilities or experience. It is critical that you teach your staff about your security practices.

Good Password Policies

The best practice for employees is to regularly change passwords. It’s human nature for some employees to do things the easy way. For instance some employees use the same password for work and personal accounts. So if a social media or e-commerce store gets hacked then there work email password can also be compromised. Having practices in place that insure employee password are strong and are changed is a good way to strengthen your security.

Good Password Policies

Implementing Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) is more widely adopted across small businesses. And we always hear what a pain it is because it adds an extra step to login. For employees who have access to the most sensitive data, like administrators and executives, MFA is a must-have. It may be a hassle, but it helps keep unwanted users out and makes it more complicated to hack. So adding a single step to your login can greatly improve the security of your business.

Keeping Software Up to Date

Keeping software, operating systems, and firmware up to date is critical. It is an easy way to prevent vulnerabilities that make it easy for hackers to exploit.

End Point Protection

Every device is an entry point into your network. Therefore, ever laptop, computer, and phone should have protection. End Point protection includes anti-malware, anti-virus, and continuous real-time monitoring to detect suspicious activity and deter such attempts.

Automated Threat Detection & Remediation

With the growing number of applications users have, it makes it impossible for an administrator to keep track of everything. Artificial Intelligence has changed the game in finding and responding to threats. Many MSSP’s offer a Security Operations Center. They have real real people reviewing threats 24/7/365 to end false positives and take action only when needed.

Regular Auditing

It can be challenging to keep track of everything all the time. Users behaviors, threats, and the networks are evolving. Performing regular audits on vulnerabilities, devices, and your processes will help keep your security in check.

Have a Response Plan

It is important to know you what you are going to do when something does happen. At least consider those worse case scenarios. It can also help you identify what actually is the most important data to your business and what is not. Having a response plan can greatly reduce the spread of any compromise. A well tested plan gives employees the confidence on how to handle the situation and who to contact.

Related Posts

An image of a security operations center watching for threats.

What is a Security Operations Center?

An image of a hand hovering over a dimly lit cell phone screen that reads "Vishing".

What is Vishing in Cyber Security?

An image of connected circles representing business continuity and disaster recovery.

Business Continuity vs. Disaster Recovery