The word “cybersecurity” is now a part of the daily news cycle as governments and businesses alike continue to experience breaches in their networks. As the costs of such breaches rise, it is imperative that businesses, large and small, develop a business continuity and incident response plan. Cybercriminals don’t stalk only the big companies, on the contrary, the smaller companies are softer targets and easier to penetrate. And, because a network breach can be so devastating to a business, every business should take proactive measures to protect its network and devices.
The U.S’ National Cyber Security Alliance found that 60 percent of small companies are unable to sustain their businesses over six months after a cyberattack. According to the Ponemon Institute, the average price for small businesses to clean up after their businesses have been hacked stands at $690,000; and, for middle market companies, it’s over $1 million.
When addressing cybersecurity for your business, starting with network security basics is key. Ignite Solutiosn Groups’ technical support team recommends the following to improve the cybersecurity of your business:
Invest in cybersecurity training and education for your employees.
Most breaches occur because an employee clicked on a link or provided information that allowed a cybercriminal access to the network.
Be sure to have a business-class network security appliance (NSA) in place.
No single product or service can offer 100% security, but a NSA or firewall is like having a guardian at the gate of your network, which controls all the data coming in and out of the network.
Even better: Have systems and people monitoring your firewall and network security equipment.
Maintain Multi-Layer Antivirus and Malware protection on the network.
Antivirus software or AV, scans all the files you open, providing real time protection. To maximize the security effectiveness, it’s very important to stay current on the software updates as new malware and virus definitions are constantly changing.
Even better: Ditch old AV that relies on pattern files which require updating and implement enpoint protection that uses Artificial Intelligence to detect threats.
Strong web filtering technology.
Web filtering tools provide real-time monitoring of URL and content to block undesired access and uphold user permissions to protect your network.
Multi-factor Authentication (MFA).
Access control to your computer network is paramount to security, which starts with confirming a user’s identity with at least two different components for access.
Even better: Don't rely on text message based systems, it's too easy for a bad actor to gain access to your phone service and intercept a text message. Instead use MFA applications like Microsoft Authenticator, Authy, or Google Authenticator, or for the best security use a hardware token or security key.
Robust password complexity and rotation policy.
Passwords are an important aspect of computer security and every organization should have a policy addressing it. The purpose of this type of policy is to establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change. Sure it can be a pain in the butt, but if you're using a Password Manager.
Even better: Use passwordless authentication which relies on Security Certificates and Biometrics so you don't have to remember a new password every time.
Effective backup.
(It isn’t keeping a breach from happening but can help clean it up!) With ransomware as a prevalent threat to security and how you risk losing access to your company files, practicing regular backups of your network is a proactive step toward a continuity plan for your organization.
Cybersecurity for your organization is a collaborative effort with your I.T. management and employees – but the first step begins with the awareness that I.T. risk is a part of corporate risk management. Get a strategy, get policies in place, and get a continuity plan!
Be Proactive. Be Vigilant.
Ignite Solutiosn Group provides full-service managed IT and cybersecurity services for small to medium-sized businesses across the state of Hawaii.