It’s January again, 2019 has come and gone and we have seen many security breaches this past year. We have seen an increase in ransomware attacks and expect that this new year will have much more of the same. These attacks will cost people, small businesses, and organizations millions of dollars in damage and cause some small businesses to close their doors. While losing weight and eating healthier are great goals for the new year ensuring the well being of yourself, your family, and your companies or organizations should be a top priority for this new Year. With that in mind lets go over five new year’s cybersecurity resolutions.
Security training and to a greater extent make secure web browsing and just all-around security part of the culture of your organization or of your daily life. This is something that we have talked about in previous blog posts, but it just stresses how important these guidelines are. Being educated in good security practices will help you identify and prevent phishing attacks and ransomware attacks. Red flags for these types of emails are ones that ask for your security credentials or your password, and emails from unrecognized addresses should always be viewed with caution.
Once you have spotted one of these emails it is always a good idea to have them quarantined and contacting your admin to see if they have sent any emails regarding your security credentials (they usually don’t do this). Remember that sometimes just opening these emails can infect your computer and compromise your network. It is always a good idea to contact your admin if you are unsure of what to do in this instant.
Next, we shift to good web browsing and this is where it can get tricky sometimes it’s not easy to tell if a website has malware on it just from the URL or the description from a google search, this is where a good anti-virus with web protection comes in handy. That ability to have the software search the website for malware and tell you to not proceed because of possible malware is huge. These steps are a good start to protecting your network and your data, but this is not where it should end cybersecurity should not just end with some meeting and some guidelines, it should be part of a company’s culture.
Creating a culture can be difficult but having posters that remind employees of how to identify suspicious emails and websites is a good start. Having a bi-weekly/monthly company email on the latest malware attacks and advice on how they can protect themselves and having a secure company chat where employees can be kept up to date are good ideas. A big part of the web security is having a good anti-virus and that’s what we will talk about next.
Anti-viruses and good firewalls are your first line of defense against data breaches, but they should not be your only source for protecting your data. It is best to use a multi-step authentication system with at least two steps, these multi-step authentication systems are just what they sound like they require multiple steps to access your data.
If you have ever set up your two-step google authentication to log access your google accounts you should be familiar with this, in the instance of google accounts when you log in, it sends a message to your phone or mobile device and you either accept or deny the request for access. Now the multi-step authentication that you implement may not be the same, but the idea is the same. This while a simple idea, in theory, can become extremely complex, and that can make it serve your needs at every level of security requirement.
These two are straight forward and don’t require tons of explanation but are the ones people most frequently ignore. Keeping your system and security software up to date is a key part of protecting your data these updates regularly patch insecurities of your software or provide your software with new data on the latest virus and on how to detect them. Next, we will look at backing up your data which you should always be doing. Keeping copies of data can be a huge help especially in the case of a ransomware attack because these viruses tend to destroy your files even when you pay the ransom. Keeping your copies of files in a different location besides your main server or computers is always a good idea. Although these two sound very simple and straight forward doing these can save a big hassle down the line and remove any headache that you might have if you didn’t do this.
You have bought a state-of-the-art system and all the top of the line security software and you think that you are all set, but now a few years have past and you have been maintaining all your systems up to date but that is not enough. Things change at an alarming pace in the tech world especially when it comes to cybersecurity. Having the vulnerabilities of your system assessed and addressed is something you should always be doing because what might be secure one day could not the next. If you can’t have this done in house it is best to seek outside talent to fill these gaps and ultimately keep your data safe.
Finally, we get to last of our resolutions, and it is the one we hope that we never have to use. That being said it is one that requires the most thought because there are a lot of possibilities. This incidence response plan may not just be one plan but multiple ones for different scenarios and is one that you should be talking to your IT department about or yourself if you are a smaller scale business. These will involve what will I do if x happens and how would I respond with my current set up and what will I lose if this happens. Now although this could be a doom and gloom experience, they will help identify what more you can do. With this plan, you won’t feel so bad if it happens and you will know how to respond and how to recover.
Contact Powerland to learn more about what we can do to help by contacting us online using the contact form below or by emailing us at marketing@powerland.ca. We will happily redirect you to the correct Knowledgeable Security representative.
