Is your business doing all it can to protect itself from Cyber Security risks? There is a new level of threat online that has even crippled huge organisations like the NHS – the cost & inconvenience caused by this end up being astronomical!
Now imagine if this happened to your business! It would impact it immensely – costing money, reputation, customers and maybe even the actual business itself! Can you afford not to take action
There is no one single solution to security and protection but the list below is a good starting point.
The most common method of communication is still Email. Therefore a good anti-spam solution will block a huge percentage of junk emails from ever reaching you. Without this solution your inbox will be full of messages that could contain viruses and infect your systems if opened.
This device is what stands between your network and the Internet.
There are ‘stateless’ devices that only open the ports required to allow web traffic, email etc to arrive. However they do not prevent anything malicious coming through those open ports.
Stateful devices provide multi-layer protection by scanning each packet of data, blocking applications from accessing the web and many other features.
For a business it is essential to implement a good stateful firewall. These protect your network from external risks but can also control what your users can do from inside your network.
Using web content filtering & application control can improve productivity and remove legal liability. Preventing staff spending all day on social media, streaming video or downloading from illegal sites is easily done.
3. Endpoint Protection
The need for device protection has progressed past just needing anti-virus software in today’s world. Systems need proactive endpoint protection to prevent threats from downloading themselves onto your device.
4. Anti Virus Suite
These solutions do not prevent viruses – they merely detect and block them by providing a layer of protection inside your network.
They run as an application on your servers, PCs, laptops etc. They then detect & quarantine any known threats to protect the device (and the network) from further infection.
Having a full security suite instead of just an Anti-Virus solution is critical, and ensuring it update its “definitions” at very regular intervals.
5. Software Security Updates
Ensuring all of your devices are fully patched is essential to reduce the risk of security risks being exploited. This can be a daunting and impossible task to perform manually so managing it from a central is essential.
Newer versions of windows are set to update automatically but if you are still running older versions updates still need doing. Upgrading outdated software that no longer receives security patches should be done asap!
6. User Training
An often overlooked item, but one that is very important. Reduce the risk to your business by giving your users comprehensive training on your systems, data usage, email, IT policies, bringing in devices from home etc. Unfortunately, users are still the single biggest flaw in all the security systems we implement.
7. Data Backup / Disaster Recovery
If none of the above have prevented an issue you must be confident your critical business data can be restored as quickly as possible to allow you to continue to operate. The ideal solution is having full images both onsite and offsite of your servers – not just a backup of the data.
Other areas worth mentioning that form part of the overall security are:
8.Data encryption – Protect your key data being taken, lost or passed to competitors
9.Drive Restriction – Securing and restricting USB and optical drives on the network to prevent data theft or introduction of viruses.
10.VPN Connections – Ensuring remote workers are connecting via a secure link and not transmitting your data directly across the Internet.
The above list is not exhaustive but enough to ask yourself – is your business doing all it can to protect itself from cyber security risks – before looking at more specialised areas.
In closing I would like to advise that no network, not even one with every single point above implemented, is ever 100% safe.
When threats appear they must be responded to by the providers of anti virus and firewall security. This takes time to complete and roll out to end users via updates.
All you can do is to minimise the risk by ensuring you have implemented as many of the security measures as possible
I hope you found this post useful and can take something from it to help your business – and if you would like to contact us you can do so here or call 02476 102030.