Cyber attacks are on the rise. It is predicted that one in five small businesses will suffer a cyber breach this year. It has been found that 81% of all breaches happen to small to medium sized businesses so ensuring your data is protected is essential! 97% of breaches could have been prevented with today’s available technology. We have compiled some ideas below for you to consider implementing to help protect your data and avoid a cyber breach:
Steps to protect against a Cyber Attack
- Security Assessment: It is important to create a security baseline and close any existing security vulnerabilities. If you already have a security baseline in place, when was the last time you checked for any vulnerabilities?
- Secure your email: Most attacks originate in your email, often through spam. By using a service which is designated to reducing spam, you will reduce your exposure to cyber attacks via your staff’s email addresses.
- Enable passwords to your devices: Apply security policies on your network. This can include: denying or limiting the use of USB file storage access, enabling enhanced password policies, enabling user screen timeouts and limiting the amount of access a user has on the network.
- Keep your staff training up to date: Teach your staff about data security, email attacks, and your company policies and procedures. There are web-based training solutions and ‘done for you’ security policies.
- Advanced Endpoint Detection & Response: Protect your computer data from malware, viruses and cyber attacks with advanced endpoint detection security. Antivirus solutions are being replaced with new technology which protects against file-less and script-based threats and can even rollback a ransomware attack.
- Multi-Factor Authentication: Where possible, utilise multi-factor authentication. This can include: your network, banking websites and social media platforms. Multi-factor authentication adds an extra layer of security to ensure that even if your password is compromised, your data stays protected.
- Computer updates: Keep on top of your computer updates. This includes: Microsoft, Adobe, Java and other apps that you use in order to keep on top of security patches.
- Dark Web research: Using third party software, you can get notifications from the dark web to tell you if your credentials have been stolen and sold. Knowing in real-time if your password or accounts have been breached helps you keep on top of your business security.
- Security Incident & Event Management logs: Use big data engines to review all events and security logs from your covered devices to protect against advanced threat and to meet compliance requirements.
- Web Gateway Security: Cloud-based security detects web and email threats as they emerge on the internet, and blocks them on your network within seconds – before they can reach the user.
- Mobile Device Security: Today’s cybercriminals attempt to steal data or access your network through your employees’ mobile phone and tablets. Seal this security gap and ensure all devices which can access your corporate network are covered with security measures.
- Firewall: Ensure your firewalls are turned on on all your devices. If your inhouse IT team are unsure on how to activate your firewalls, we can help you get this setup.
- Encryption: Whenever possible, encrypt your files when they are not in use, or in motion (for example, email) – especially on mobile devices.
- Backup: Backup locally, backup to the cloud, have an offline backup for each month of the year and test your backups often. If your backups aren’t working for you, review your procedure as soon as possible.
To discuss implementing any of the above tips, or for other IT related enquiries, give one of our techs a call on 0121 667 8977 or email firstname.lastname@example.org and we’d be more than happy to help and advise you.