15 Cybersecurity Measures You Must Have in Place in 2019 – Part 1
As the use of mobile technology in business continues to grow, the need for robust cybersecurity measures becomes ever more urgent.
According to US security firm Datto, 55% of managed security providers reported ransomware attacks against clients during the first 6 months of 2018.
Meanwhile, 62% of security experts predict that cyber criminals will start using AI within the next 12 months.
Whichever way you look at it, the risk of being hacked or succumbing to a security breach is both growing in size and evolving in nature.
It’s why in 2019 you need to ensure you have the following measures in place to secure your organisation against the ever-present, ever-growing cyber threats that go hand in hand with the evolution of doing business online, on the cloud and with wireless and connected devices.
- Password Management
Human nature plays a massive role in all cybersecurity, and this is particularly the case when it comes to effective password management.
Even today, some individuals write down passwords on sticky notes despite knowing why this is so ill-advised.
Yet having to use multiple strong passwords for different web applications, systems, tools and platforms presents users with a major headache. Usually, if allowed, they will opt for weaker passwords that are easy to remember, or a single password for every log in.
Each of these options represents a significant security risk, which is why a using a network-based password management tool is a necessity.
The right password management tool gives Administrators the means to set up and enforce robust password polices. These include setting minimum password complexity requirements, policies for password rotation and time outs and bolstering the use of passwords alone with multi-factor authentication.
All of this needs to be in place to maximise protection for your critical business, employee and customer data.
- Computer Updates and Patch Management
As we wrote in a blog about Patch Management last year, a major cybersecurity challenge is the constantly changing software landscape. Many new malware signatures are created to target specific software applications, particularly those for which vulnerabilities have been identified, as well as older versions of software and operating systems.
Most operating systems and applications benefit from regular updates and upgrades, for which patches are issued. It is critically important that these patches are applied in a timely and organised way, so that vulnerabilities can be plugged, and exploits prevented.
With hundreds of software applications in use across the average organisation, keeping every instance and device updated and patched is a logistically time-consuming and complex responsibility.
For this reason, to ensure maximum protection, a patch management system is needed to ensure that every update or patch is applied to the right instance, on the right device, at the right time.
The core security building block of any networked organisation is the firewall. Firewalls enable Administrators to control the kinds of traffic entering and exiting from the network, whilst at the same time monitoring the types and volumes of traffic passing onto the network.
Clearly the main function of the firewall is to detect and prevent any unauthorised intrusions which may be directed at specific devices or IP addresses.
Typically, firewalls perform many security functions such as intrusion protection, anti-malware protection, denial of service attack prevention as well as web traffic monitoring and control.
Importantly, they provide Admins with detailed levels of control to monitor and manage users and applications.
- Spam Email Filtering
Email-borne malware is one the major cybersecurity risks, mainly because of the universal use of email communications in business.
It is particularly threatening because it’s easy for hackers and cyber criminals to disguise malicious emails as genuine, duping unsuspecting corporate email users into opening not just the email, but also the attachments and links associated with them.
Despite cybersecurity being widely seen as a technology issue, the truth is that a huge number of breaches occur due to simple human error. According to the 2018 IBM report, the amount of email spam sent to companies of every size increased fourfold during 2016 and represented the chief cause of accidental data loss caused by people working within an organisation.
Given the fact that human error can never be fully eradicated, it’s vital that systems are deployed to monitor inboxes and ensure that spam, emails carrying malicious links and virus-carrying attachments aren’t allowed to get through in the first place. Furthermore, these email filtering systems must carefully set up to ensure that all genuine and safe communications continue to flow freely.
- Backup and Disaster Recovery
No matter how complex your cybersecurity systems are, not even the most rigorous technologies can prevent disaster or catastrophe due to an act of God or terrorist action.
Yet backup and disaster recovery technologies are also critically important to mitigate the risk of ransomware, which can cripple an organisation’s network if widely infected.
To protect against all these possible risks, data backups must be carried out regularly at both local and in the cloud. Backup and restore services should be tested regularly and supported with a detailed Disaster Recovery (DR) plan.
In this way, should the worst happen, critical data and systems can quickly be restored, minimising downtime and ensuring that earnings-loss and reputational damage are kept under control.
Want to know more about how to secure your business against cyberthreats? Speak to Alliance Solutions on 0800 292 2100 or email email@example.com