Imagine if you will a robber breaking in to your business or home and cleaning you out for 197 days before you discover the break in. This is what is happening every day, Cyber Thieves are able to run wild in your network for that long on average before being discovered according to a ConnectWise.com webinar I attended.
Here are 15 ways to protect your business from Cyber Attack, many are simple and easy to DIY others will require the support of IT Professionals. These 15 Ways are a great conversation starter with those that are responsible for your IT System Security.
15 Ways to Protect Your Business from Cyber Attack
- Do a Security Assessment
It’s important to establish a baseline and close existing vulnerabilities. When was your last assessment?
- Use a Spam Blocker
Secure your email. Most attacks originate in your email. We’ll help you choose a service designed to reduce spam and your exposure to attacks on your staff via email.
- Complex & Regularly Changed Passwords
Apply security policies on your network. Examples: Deny or limit USB file storage access enable enhanced password policies, set user screen timeouts, and limit user access.
- User Security Awareness
Train your users – often! Teach them about data security, email attacks, and your policies and procedures. We can provide cyber security training to your members of staff.
- Advanced Endpoint Detection & Response
Us Anti-Virus & Malware Software to protect your computer’s data from malware; viruses, and cyber attacks with advanced endpoint security. Today’s latest technology (which replaces your outdated anti-virus solution} protects against file-less and script-based threats and can even rollback a ransomware attack.
- Two Factor Authentication
Utilize Multi-Factor Authentication whenever you can include your: network, banking websites, and social media. This adds an additional layer of protection. So even if your password does get stolen, your data stays protected.
- Software Updates
Keep Microsoft, Adobe, and Java products updated for better security. They often provide automatic updates and security patches.
- Folder Permissions
Review all of your files to make sure only the authorized people have access. Create an approval process for new employees and review existing access at least once a year.
- SIEM/Log Management (Security Incident & Event Management)
This Technology uses big data engines to observe events and security logs from your covered devices. Using this engine to protect against advanced threats and to meet legal & compliance requirements.
- Web Gateway Security
Cyber Security – Internet security is an un-ending race. Sophisticated cloud-based security software identifies web & email threats as they emerge on the internet. Then blocks them at the network level within seconds – before they even reach the user.
- Mobile Device Security
Cyber criminals often try to steal data or access your network by way of your employees’ phones and tablets. Limit access and require long complex passwords.
- Have a Firewall
Install and verify your Firewalls Intrusion Detection and Intrusion Prevention features, for your network, PCs, Tablets, Mobile Devices etc.
Whenever possible, the goal is to encrypt files at rest, in motion (think email) and especially on mobile devices. Encryption stops your data from being readable, a VPN will do this automatically.
Backup using 3 methods and 2 different technologies. For example 1. Backup to the cloud. 2. Offsite Hard Drive 3. On site Network Accessible Hard Drive. It pays to have an additional offline backup for each month of the year. Test your back ups to make sure they have all of the data you want to protect.
- Disaster Recovery
Create a detailed plan to speed your business recover and get back online in a timely manner.
Buy Cyber Insurance
When your bottom line depends on your data it may be necessary to buy Cyber Crime Insurance.
On the off chance any of this applies in your Salesforce instance it might be worth a quick conversation to discuss it.