According to the World Economic Forum (WEF) Global Risks Report 2020, cyberattacks will be one of the greatest risks to businesses over the next decade. It will outpace terrorism, political conflict and destruction of natural ecosystems. That’s why we’ve put together a business guide to cybersecurity.
Here are six best practices that businesses should follow to protect their customers, employees and future.
Regular Firewall Updates
A firewall is your network’s first layer of protection from the outside world. This means it’s a very important element in our business guide to cybersecurity.
Firewalls need to be updated regularly with the latest security features. If your firewall is included in a subscription service, updating things like intrusion prevention, anti-malware and spy detection should occur automatically. In addition, often the subscription services will notify assigned contacts when an update is needed. Make sure that these notices are going to a person who can act appropriately to protect the business.
If your firewall does not involve a subscription service, your IT team or MSP should purchase or reinstate a subscription to get the latest firmware. They should also review any available updates at least monthly. In fact, any network device that is exposed to the internet, including servers and VPN appliances, need to be kept current with patches and firmware updates.
At Atlas, we conduct the following for clients to ensure they’re maintaining a secure firewall:
- Providing routine maintenance on firmware updates
- Tracking expirations of subscription services, to ensure they don’t lapse
- Ensuring purchases of necessary yearly updates
The second must-have in your business guide to cybersecurity is sandbox security. A “sandbox” is an isolated environment on a network that mimics end-user operating environments. Sandboxes are used to safely execute suspicious code without risking harm to the host device or network. If the execution is safe in the sandbox, the code will then go back through the firewall to the user, with no detectable delay.
Sandboxes provide another layer of advanced malware detection and prevention. They are particularly helpful in detecting previously unseen (zero-day) malware and stealthy attacks.
Some firewall products include a sandbox component or optional add-on, such as SonicWALL’s Capture Advanced Threat Protection. Sandboxes can also be included with other threat detection software.
Network and Endpoint Threat Detection and Prevention
As cybercriminals get more and more savvy, it’s important to include network and endpoint threat detection and prevention in your business guide to cybersecurity.
Standard prevention can involve anti-virus and anti-malware programs that protect computers and servers from previously identified threats. It could also include software that’s deployed on the perimeter of the network, like behind a firewall to protect at the network level. This would help detect possible threats to other devices on a network, such as an NAS drive, printer or switch.
Advanced threat detection (ATD) and advanced threat prevention (ATP) offers enhanced security services beyond anti-virus and anti-malware programs. ATD can pick up on suspected zero-day malware and viral signals that haven’t yet been identified. It looks for unrecognized and anomaly activity, then reports it to a real-time security operations center (SOC). Comparing the suspicious code to a large, global dataset of activity, the SOC analyzes it more deeply to determine whether or not it’s a new threat.
Atlas offers network and endpoint threat detection and prevention as an add-on to our Managed Security Services.
Thanks to data breaches, malware and other forms of cyberattacks, it’s nearly impossible to secure an online or mobile account with just a password. That’s why requiring multi-factor authentication for all cloud applications is next on the list in our business guide to cybersecurity.
Multi-factor authentication adds another step to authenticating users’ identities, which makes it more difficult for cyber-attackers to access data. Step One of the authentication process is providing a user name and password. Step Two of two-factor authentication requires the user to provide another piece of information to complete the login process. This could include a verification code, answer to a personal security question or biometrics, like a fingerprint scan.
When we onboard clients to Microsoft Office 365, we implement the free MFA that comes with the service. We also offer Cisco’s Duo product for an additional level of MFA that can protect users for a variety of compatible applications, services and cloud-hosted products. There are many different choices for software that will enable you to use multi-factor authentication to secure your business.
Passwords can often be the only barrier between a hacker and your business information. That’s why having a smart password policy is number four on our business guide to cybersecurity.
We recommend requiring that employees:
- Update passwords every three months.
- Use a different password for each login.
- Not reuse passwords.
- Create strong passwords. The United States Computer Emergency Readiness Team offers tips for creating strong passwords.
Cybersecurity Awareness Training
A recent report by Shred-It found that 47 percent of business leaders had data breaches caused by human error at their organization. Here are some ways your staff may be unwittingly putting your customers and business at risk:
- Inability to recognize ransomware
- Failure to identify spear-phishing
- Lack of social media awareness
- Compromising sensitive information
Training employees so they know how to identify potential cybersecurity attacks and protect sensitive information is a key element of our business guide to cybersecurity. At Atlas, we partner with security awareness training company KnowBe4 to help our clients stay up to date.
Does your business need help shoring up its cybersecurity defenses? We’re here to help. Contact us today to learn how.