The 3 biggest security concerns for your business and how to protect against them.

Click The Arrow For The Table Of Contents
Laptop placed on wooden desk with security lock on the screen. Cyber internet security system

Like it or not, there’s a good chance a cyber security incident will threaten your business over the coming year.

With the nation-states now taking sides, the likelihood of a cyber attack has increased.

This article will discuss some of the primary measures your business can take to help reduce the risk of a cyber incident or data breach.

Network Related Attacks

These include a man in the middle IP theft and DDOS (denial of service).

The primary risk reduction method ensures that all network traffic is encrypted and that only SSL encryption technologies are used.

Services such as Office 365 for email, file and collaboration employ SSL as standard.

File and Data Access

Including; Information Theft | Data Breach | Document Theft

Personal Data Loss | Password Attacks

All business devices should be encrypted and restrictions put in place such as:

  1. A) Biometric data access (face ID or touch)
  2. B) Password protection
  3. C) PIN access

In addition to these measures, another layer of multifactor authentication should be used on all user accounts within the business.

Mandatory implementation of MFA (multifactor authentication) can help reduce the risk of data loss.

Device Infection Attacks

These types of attacks include: Drive-by Downloads | Rouge Software

Cryptolocker | Ransomware

Remote monitoring and alerting should be put in place as standard by your It provider. It will provide your business with an additional security layer.

Monitoring both activities on devices and alerting the potential infection.

In addition, the base security layer on all devices enforces admin only rights for all software installs.

A backup restoration process can be initiated when a device becomes infected with Ransomware or Cryptolocker.

The backup retention period should be at least 30 days, and the restoration process should be tested regularly.

Supply Chain Attack

In the event of a supply chain attack, there are a number of scenarios that should be simulated and documented in a cyber security response plan.

These include restricted access to critical operational systems, including email, finance and payroll systems.

In the case of a supply chain attack on Office365 and Microsoft services, the recovery procedures should be in place for limited file access in the form of local backups of Office 365.

If you would like assistance in reviewing your current IT security stack, do not hesitate to contact us today.