Wednesday, January 29, 2014

7 Ways to Improve Your Cyber Security

You can't have missed the reports of data breaches that are occurring with increasing
frequency, like the one at Target that made a big splash recently. Its only the biggest stories that make the news, so don't let the size of a company like Target lull you into thinking that only the big players are at risk. Last year's Verizon Data Breach Investigation Report shows how small and medium sized companies, especially retailers are vulnerable, particularly through their Point of Sales systems.

But what, as a small business, can you do about it ? If you have the resources, a review of your systems and procedures against the CSIS Top 20 Critical Security Controls is thoroughly recommended, but there are some easy things you can do to help.

First, a couple of points that need to be stressed: whatever you do, you won't keep out a determined attacker unless your systems are turned off, disconnected and locked in the basement. Secondly, security controls require defense in depth: you can't rely on only one measure - you have to put multiple hurdles in the path of your assailants.

Use Firewalls
Your broadband router almost certainly has a built-in firewall. Look at the rules it's using. Make sure these are the bare minimum you need allow you to operate. Make sure its admin account is locked down with a strong password.

Make sure your PCs have their own firewalls enabled, and again pared down to the minimum you need. This helps to limit the damage if another machine inside your company is compromised.

Install and maintain anti-virus software
Not sufficient on its own, but helps to keep out a fair number of threats. If the AV software can also scan you emails, so much the better. To be any use, the subscription needs to be kept up to date.

Virus based attacks can be very sophisticated, some using code that is designed to hide itself from anti-virus software.

Keep security patches up to date
Make sure you check regularly for and install security patches in all the software you use. Enable automatic updates if possible. As soon as a vulnerability is discovered and publicised, criminals will start designing exploits for it and scanning for unpatched systems to attack.

Ensure Phishing Awareness
Outer defenses are useless if someone in your organization accidentally leaves the keys lying around. Phishing emails attempt to trick you into revealing passwords or downloading malware. If these purport to be from colleagues, customers or suppliers, you may find yourself opening a contaminated file before you realize it. Make sure you and your colleagues take awareness training regularly - a quick Google search will reveal lots of resources to assist.

Control Use of Portable Devices
When people attach portable devices to your network, it opens up a huge range of risks, as you can't be sure what other networks they been connected to and what they've been exposed to. There is a whole industry growing up around management of portable personal devices - you've probably heard of BYOD. The easiest solution is not to allow these to connect to your core network/domain if you can avoid it.

Isolate Sensitive Data
Not always easy to do, but if you can manage it, keep sensitive information such as customer records and accounting information on separate machines to the ones you use for e-mail and internet access.

Establish and monitor a robust password policy
Last but not least, your passwords need to be strong - 8 characters and preferably more, consisting of letters, numbers and punctuation characters. There are lists readily available of the most common passwords that people use, and an attacker will zip through these very quickly. If your password is too short or does not contain the full set of character classes, a brute-force attack (trying all possible combinations of characters) can be accomplished in a surprisingly short time.

It is a major headache, but your passwords need to be changed regularly too. Don't rely on people to remember to do this - if the systems you use support setting up a password policy, be sure to use it.

www.technovox.co.uk

17 comments:

  1. Today’s advanced threats are ever-evolving so a strong security roadmap helps ensure you have an adaptive plan to combat cyber attacks. Having a well thought out roadmap also enables security teams to collaborate, find the right resources, and provide creative solutions to cyber security imperatives.

    ReplyDelete
  2. Nice to be visiting your blog once more, it has been months for me. Well this article that ive been waited for therefore long. i want this article to finish my assignment within the faculty, and it has same topic together with your article. Thanks, nice share. proteccion de datos

    ReplyDelete
  3. The majority of us are utilizing web and PCs for online exchanges where we transmit individual data and conceivably do financial exchanges.vericlock login

    ReplyDelete
  4. You can secure you room and your assets in shared or understudy lodging so quietly that nobody will know. https://www.bestsecurityplace.com/

    ReplyDelete
  5. แทงบอลออนไลน์ A complete online betting website is open for service Online on mobile The advantages of the web are Register for the first time, the minimum deposit is only 100 baht, make a deposit-withdrawal, no minimum, 24 hours a day, complete, convenient, can be played via any smartphone. Our website is 100% safe.

    ReplyDelete
  6. Ik heb het helemaal gelezen en ik heb echt genoten van deze complete en uitgebreide inhoud.

    Voor alle website design services kunt u contact opnemen met Nexoz.

    SITE MET IDENTITEIT

    Uw website moet een identiteit hebben. Uw webontwerp moet de overtuigingen en waarden van uw bedrijf weerspiegelen.

    ReplyDelete
  7. بسیار محتوای مفیدی بود. ممنون از اینکه این گونه مطالب رو به اشتراک می گذارید.

    هنگامی که نوبت به یافتن یک شرکت تعمیر لوازم خانگی می رسد، دو سوت تعمیر کلیه شرایط را دارد.

    ما اطمینان حاصل می کنیم که فقط از افراد متخصص و واجد شرایط استفاده کنید که می توانید به آنها وابسته باشید.

    ما با ارائه ضمانت در کلیه قطعات و تعمیرات در پشت متخصصان خود ایستاده ایم.

    هنگامی که دو سوت تعمیر را برای سرویس و یا تعمیر لوازم منزل خود انتخاب می کنید، کاری می کنیم که از تصمیم خود اطمینان داشته باشید.

    ReplyDelete
  8. متشکریم از به اشتراک گذاری.

    در صورت نیاز به خدمات طراحی گرافیک، تبلیغات و یا طراحی و توسعه می توانید به تیم ریوال ایجنسی اعتماد کنید.

    مهمترین هدف مجموعه ریوال ایجسنی تامین نیازهای قسمت های مختلف گرافیکی و تبلیغاتی در سطح بین الملل در داخل کشور می باشد.

    ریوال ایجنسی با سابقه ای درخشان و با در اختیار داشتن کادری مجرب و حرفه ای در عرصه گرافیک و تبلیغات آماده همکاری با شرکت های داخلی و خارجی می باشد.

    ReplyDelete
  9. Your website is the right blogging platform. It is such a good article. เว็บ 789bet

    ReplyDelete
  10. در صورت نیاز به سفارش طراحی لوگو در تیم خلاق ریوال آنلاین بهترین گزینه ی شما است.

    ReplyDelete
  11. طراحی لوگو با بیان خلاقانه مفهوم برند، تعامل مشتری را فراهم می کند.

    ایجاد لوگوی خلاقانه با پنهان کردن مفهوم برند در لایه‌های طراحی لوگو و رنگ‌ها، برند شما را بدون زحمت و به سادگی وادار می‌کند، رهبری را از دیگران ربوده و در حالی که در ناخودآگاه مخاطب قرار می‌گیرد، سود را تضمین می‌کند.

    ReplyDelete
  12. Great post! Thank you for sharing informative post with us.

    ทางเข้า 123betting

    ReplyDelete
  13. 123 slot The best slots right now.

    ReplyDelete
  14. Maria The number 1 best website to make Money

    ReplyDelete
  15. เว็บแทงหวย Online gambling website with full range of games from various camps.

    ReplyDelete