The changes in our tech landscape have been significantly altered by the pandemic, however, despite its continued pervasiveness within the news, COVID-19 has not been the only great change that businesses have needed to adapt to. The development of new integrated software to facilitate remote working has created a change in the way businesses operate inside and outside of the workplace, for both clients and employees. With these innovations, there have been additions in the types of cyber threats that businesses now face. Finding ways to prevent cyber attacks on businesses such as network targeting, malware attacks, toll fraud and others that could result in your business being compromised or your data involved in data breaches.
Across all industries, a primary concern is security and compliance: making sure that your business data complies with GDPR legislation and other governmental standards to keep your business safe, compliant and secure.
Here are five cyber security tips you can look to implement within your business to help tighten up practices and improve your approach to cyber security this year.
You will likely already be familiar using Multi Factor Authentication methods when accessing Social Media accounts, online shopping accounts or online banking.
In our view, Multi-Factor Authentication (MFA) is a must-have for any business. When correctly set up across your business, MFA requires two or more verification factors for the user to gain access to a device, online account, application or to access a VPN.
These two things could be a combination of:
MFA benefits your business by improving security levels as it ensures there is an additional layer of security needed to gain access, reducing the risk of unauthorised access occurring and any potential data loss, theft or data breach.
If you are not familiar with it, the Dark Web is a part of the internet that has not been indexed by search engines that contain illicit material that cybercriminals can access and buy such as usernames and passwords, credit card, medical and subscription information.
Keeping an eye on what company information is stored on the Dark Web can prove tricky, however, Dark web audits enable companies to know exactly what information of theirs is available for purchase and where that data has come from. The audit then enables users to identify all weaknesses and quickly change those passwords to secure their business.
Infinity Group are currently offering a free Dark Web audit for businesses – please get in touch if you are interested.
Hackers and scammers develop their practices at the same speed that security developers create new security software. It is because of this that decision-makers must remain mindful of their business’ environment and ensure applications are kept up to date and regularly patched.
Maintaining your business systems and applications to be “in support” and up to date with security patching is essential to mitigate risk to revenue and reputation. Any vulnerabilities in old applications on servers, workstations, and mobile devices can put your business at risk. In today’s remote working environment auditing your systems can be almost impossible without the right tools that do not rely on a person or device being connected to the office network.
Some recommendations here:
As with managing security updates in a remote working world, keeping your business devices protected from malware threats can be very difficult. It is recommended that a centralised cloud-based solution is in place to protect devices and manage device health. A good solution would provide easy auditing of all protected devices, their agent installs health, any outstanding alerts, and remote threat mitigation tools.
Desired features are:
The introduction of a few simple processes can greatly reduce risk around your IT Estate. If every new laptop or network appliance is always set up to a building checklist that follows security best practices then over time you can make confident statements about the security of your IT estate. These best practices should be reviewed following any major changes to the business, its IT infrastructure, or the technology industry.
Some examples are: