5 Tips to Prevent a Security Breach in your Business
Almost all businesses today have their business data on computer and almost all of them are eventually connected to a network which is then connected to the Internet. Most have firewalls, all of them should. Most have some level of protection but almost all of them can be improved just by starting with these tips.
As long as there is valuable data, and that data may only be valuable to the owner, cyber criminals will attempt to bypass the security protocols meant to protect this data. They are attempting in ways that are much more automated and sophisticated than ever before. The causes of security breaches are as broad ranging as the attempts made. Everything from Phishing, Hacking and Malware (31%), Employee Action or Mistake (17%), Vendor Breach (14%), Internal Theft (8%) to Lost or improper disposal of data (6%). Add to this device theft or loss, weak and stolen credentials, and outdated systems that use ineffective security measures and you have a whole lot of holes to plug in your company. The following five tips are a good start for any company.
Lock it Up – Keep Important Data Secure
Employees not being educated on data security and protection is one of the biggest reasons for internal data breaches and the introduction of Ransomware and Malware into your company. Just like you wouldn’t give everyone in your company the combination to the safe, it’s a good idea to limit access to important data and information by restricting access privileges to the smallest number of individuals. Additionally, if your network and office allows for it, you can segment financial and other critical data and the select users of that data to its own network.
User Awareness Training and Testing
User Awareness training is also another key component that really makes every employee part of the solution and not the problem. Recurring training and testing on phishing, credit card policies and data security will cut down on the users clicking on malicious emails. PICS ITech offers low cost continuous education to get your users on guard for intruders.
Keeping your machines and software updated
I’ve written about this in other blog posts but it is important that your machines and software be kept up to date. If you use an MSP (Managed Service Provider) outsourced IT provider like PICS ITech, then this is a matter of course but if you are acting as your own IT department then this often gets overlooked. Updating your operating systems, antivirus software, business software, and firewalls as often as possible will go a long way toward solidifying your defense systems. Security breaches might also occur when employees work with unprotected machines either from a public Internet café or even a home computer that is shared with the rest of the family. They might unknowingly download malware, or spread a virus onto the computer network.
Use monitoring and machine learning to sniff out abnormalities
It’s not all on your employees, however. Network administrators should employ monitoring software to prevent breaches by analyzing what is “normal” behavior and comparing that to what appears to be suspicious behavior. Cyber criminals often hide in networks to exploit them over a long period of time. Even if you miss them the first time, you should monitor suspicious activity so you can recognize impropriety and amend security policies before it goes any further. We have several things we monitor at the PC level including:
- unauthorized logins or attempts to restricted computers
- A new user profile on the boss’s PC
- A new user was just granted administrative rights
- New applications just installed on a locked down system
- Middle of the night logins
In addition, with a fully managed security solution you might expect additional monitoring including:
- SIEM (Security Incident Event Management) and Log Management
- Security and Penetration Testing
- Login Analysis and Internal Vulnerability Reporting
- Advanced Threat Protection
- Managed Content Filtering
- Network and Endpoint Protection
- Email Security
Creating strong security passwords and credentials
No matter how often we say it, there’s always room for improvement when it comes to your passwords and login procedures. In addition to text-based credentials, you should require other methods whenever possible. Multi-Factor authentication which ties a user ID to a physical device like your cell phone is a great addition to a password. MFA is for fortifying your network, fingerprints and smart cards, for example, are much harder for cyber criminals to fake. Regardless of which factors are used, they must be frequently updated to prevent breaches, accidental or otherwise.
We’ve produced a short video on creating good passwords suitable for your users.
Purchase Cyber-Security Insurance
In the end, no system is perfect. Zero-day attacks exploit previously unknown holes in security, and because it is getting easier they exploit human error, accidental or otherwise, can never be totally prevented. And for this reason, small businesses need to start embracing cyber insurance policies. These policies help cover the damages that might occur even under a top notch security. Nobody likes to buy insurance but think about the damage that would be caused if you infected your customers network or caused them financial damage. Considerations for selecting a policy include legal fees, deductibles and premiums, first and third-party coverage, and coverage for reputation rehabilitation.
The field of cyber security is overwhelming -- even for seasoned IT professionals. But not for us. We spend our days researching and experimenting to craft the best security solutions on the market. If you're interested in one of our flexible cyber-security plans, contact us today.