11 Ways to keep your business safe – Our highly connected world means we no longer have one solution to protect your business – gone are the days of installing Anti Virus and being safe from the risks!
This article explains step by step each layer of protection you should be implementing as a business – because if your systems and data are compromised the implications are severe
- Unable to trade directly impacting turnover/profits
- Staff unable to work but still costing
- Reputation damaged with clients – maybe permanently – losing the very thing your business needs to operate
- Loss of data and risk of large financial penalties with the new GDPR laws
So what should I be doing to protect my business from these risks you ask…
1. Anti-Spam Solution
Most business use email day to day so a robust, quality solution is the first line of defence for your network.
Emails are still the most common means of communication so a robust anti-spam solution will prevent a huge percentage of emails from ever reaching your network – lack of such a solution will result in your inbox filled with messages you don’t want to read or that contain viruses and could infect your systems if opened.
Solutions such as Office 365 come with built in spam solutions, or you can purchase web based services to provide this function.
This device is what stands between your network and the Internet.
There are “stateless” devices that block all network ports apart from those open to allow things like web traffic, email to get through. The crucial thing is they don’t stop anything coming through those open ports….
There are then “stateful” devices which provide multi-layer protection at the point of connection to the Internet. These include scanning data packets to remove harmful content, blocking certain applications from accessing the web and many other features.
For a business you should seriously consider using a stateful firewall. This will protect your network from external risks as well as control what your users can do from inside your network. For example web content filtering & application control can stop social media usage and illegal torrent downloads, improving staff efficiency and removing risk of business liability.
3. Anti Virus Suite
The anti virus solution is no longer enough to keep you safe but it is still essential!
The AV suite runs as an application on your servers, PCs, laptops. It provides protection against viruses, malware, ransomware and more
Should a recognised virus appear on a protected device, the software will detect & quarantine the offending item to protect the device (and network) from further infection.
4. Proactive Network Security
In tandem with your AV Solution, you should implement a proactive solution that provides additional levels of security.
Using traffic filtering capability this prevents malware from connecting to their servers and downloading what they need to control your machine. AV Products didn’t even detect 60% of the financial malware used in 2015.
These solutions also patch certain 3rd party programs such as Adobe, Java – which left un-patched are another vulnerability that can be exploited.
5. Windows Patch Management
Ensuring all of your Servers and workstations are fully patched is essential to reduce the risk of vulnerabilities. Managing this can be an impossible task to perform effectively manually!
Trusting this to an I.T professional who can control it from one central console is essential.
Ensuring your network has no devices using unsupported operating systems or software is essential! These devices no longer receive security patches and updates so are an easy target for hackers and a huge risk to your business.
6. Wireless Networks
The number of businesses who simply hand out their own WiFi password to clients and visitors is astounding. These users are then on your domain, and can potentially see and obtain your data.
All businesses should have a seperate guest WiFi network and ensure their own internal network password is changed fairly frequently to ensure any devices not needed on it are purged.
If your users have weak passwords, share them with colleagues or leave them on post it notes all of your good work will be undone. Implement a policy that forces users to have a certain complexity and also change them after a certain period.
8. Staff Training
Something often overlooked – but a significant risk – are your staff.
Sadly, we are all just human and make mistakes. Leaving passwords on post it notes. Not locking computer screens. Losing hard drives with confidential data on.
Training your on your systems, data usage & IT policies is key. Not bringing in devices from home, recognising phishing emails. All of these things can help reduce the risks of issues they may cause through their actions.
9. Data Encryption
Windows 10 allows easy encryption – so all business Laptops should have this put in place. Doing this will ensure that if the device is lost or stolen the data cannot be retrieved.
You must encrypt any critical data taken offsite on USB drives.
10. VPN Connections
Using a secure VPN ensures that your data is not transmitted directly across the Internet.
11. Data Backup / Disaster Recovery
Crucial when none of the preventative steps have stopped an issue on your systems!
Restoring your data as quickly as possible is essential to allow you to continue to operate. A staggering 90% of all companies that suffer a major data loss go out of business within two years (Source. London Chamber of Commerce)
This means your backups must be available onsite for quick restoration in the event of a hack or compromised server.
Offsite in the event of a disaster like fire or flood – or that an outbreak has locked your server and connected backup drive.
Assuming your backup works could be disastrous, so testing is essential so you are not left with no backup to restore from when disaster strikes.
Worth also mentioning…
Having observed a live hack into a website that had a client login section – making sure your website has SSL and security in place will prevent the risk of hacks being made into your system compromising your data and systems.
No network can ever be 100% safe, as when threats appear the anti virus, firewall security providers must respond with new updates which takes time.
Taking all the steps above vastly reduce the chance of an incident! This ensures that you keep your business running.
Cyber insurance policies are also becoming increasingly relevant. It is necessary for you to take the above steps to keep your premium low and ensure you are covered if a breach occurs.
Implementing the above helps with GDPR too. Showing you have taken all reasonable steps to safeguard your client data should a breach occur.
We implement this for our clients by obtaining Cyber Essentials accreditation to allow them to demonstrate to their clients and suppliers they take these things seriously…
We hope you found this post useful and can take something from it to help your business
If you are a business owner in Coventry & Warwickshire and want to find out more about helping keep your business safe, please get in touch here or call us on 02476 102030 and we will be happy to discuss this with you…