As more and more of us rely on laptops, computers and the internet to do our daily jobs, it’s more important than ever to make sure you’re cyber secure. In a recent government survey, statistics showed that 72% of UK businesses have identified a cyber security attack or breach in the last 12 months. And with this costing the average company around £9,000 a time, can you really afford to have weak spots in your security?
Even more scrutiny has been placed on this topic since the new data protection laws were enforced in May, but there are still a lot of people who aren’t clued up. It’s estimated that 11% of UK businesses are still not addressing the issue of cyber security and in doing so are putting the personal details of their customers in jeopardy. And because those that do take it seriously are unable to get even the basics right, it is certain that the attacks will become more serious and more frequent.
So how can you protect yourself against the 3.6 billion hacking attempts that happen everyday? Our Technical Director, Nick Matthews shares his 3 best ways you can keep the hackers at bay and keep yourself secure …
Cloud-Based Network Protection
Ever had a dodgy email from Amazon asking you to review your current order that you didn’t make? Or had notification of a huge HMRC rebate that sounds way too good to be true but you’d love a holiday in the Maldives next year so why not investigate? You see it all the time. And they’re becoming harder and harder to spot. Let’s say that Susan clicked that dreaded ‘click here’ button and was sent on a wild goose-chase between sites. Susan has been compromised and malware is embedding itself on her systems. Uh-oh. Now she is being spammed and can’t get on with her day because she’s locked out of her computer.
Can it be avoided?
Yes – if Susan’s company had invested in cloud-based network protection. One of the best tools is Cisco Umbrella. Essentially it works in the same way as an umbrella, except imagine the rain is actually malicious destinations. Instead of allowing these destinations to take advantage of your network, Umbrella scans the internet for them and blocks them before a connection is ever established.
How it works
Using DNS, Umbrella proxy’s world wide web traffic and routes requests to those pesky domains, offering pro-active file and URL inspection. So when you click that dodgy link, Umbrella will already know that it’s malicious and will stop you from ever reaching the site at all. It also stops connections if any of your devices are already infected in other ways. This stops data ex-filtration and ransomware encryption, so you can browse in peace, knowing you’re secure.
Stop attacks in their tracks
Because Umbrella learns from the internet, it can make connections between domains, malware, IPs, and networks to identify attacks before they’re launched. It will analyse the data from its searches and scan for anomalies that are likely to be malicious. It will then build a repertoire of these risky destinations and automatically block them before they reach your network.
Password Policies
It’s 2018 and Dave has one password for everything. Just Eat account – dave123. Work login – dave123. Argos account – dave123. Today, Dave has been locked out of every account. He is shocked that someone has managed to hack his password and now has access to all of his confidential, personal details. Dave is a donut. But he isn’t the only one. According to Flavio Martins at Digicert, 73% of users have the same password for multiple sites and a whopping 33% use the same password every time.
Be it busy lives, forgetfulness or just a case of plain lazy, we’ve all been guilty of it at some point. But today more than ever, we must be more savvy when it comes to our passwords. But how?
Put a policy in place
You would be surprised how many companies and businesses don’t have a basic password policy in place. Yet this is crucial in securing our systems, data and devices that we use daily. And while guidance is given on passwords, it is advised that we change them regularly to keep those pesky hackers on their toes and increase password protection. But not all organisations see the value in this and in trying to save their users time and effort by doing this, they cost themselves an arm and a leg.
Password creation tips
Ensuring you have a robust password that people wouldn’t be able to guess is key. There are a number of different ways you can do this, but the best way is to follow guidance from The SANS institute which outlines how to make your password a tough cookie to crack. A strong password …
- Contains a mix of uppercase and lowercase letters, punctuation, numbers, and symbols.
- Contains at least 15 characters.
- Must be unique from other accounts owned by the user.
- Should never include dictionary words
- Should never include patterns of character
Two-factor authentication
A strong password isn’t the only way you can protect yourself, your systems and your network. You could also add two-factor authentication. This adds several layers of security so if someone does manage to crack your password, they’ve got a whole series of elements to guess too. And by that point, is it really worth the hassle? We’d like to think so.
Users can do this via third party software like Duo or Google Authenticator, SMS authentication or even by simply adding pre-set security questions via access policies. If this is done correctly, you have a much better chance of staying secure and steering clear of the hackers!
Staff Training
So you’ve just installed all of the top notch security products and you think you’re safe right? Wrong. If you don’t invest in regular staff training, regardless of the security steps you take, or how much you spend, you can still be compromised. It is essential that you ensure your staff are vigilant and aware of potential threats, especially when it’s so easy to be caught out.
You can sign-up to online schemes like Cybsafe which cover all of the fundamental elements of business security. This tests your staff on key threats that they could be faced with in the event of a security attack. So next time Ron gets a phishing email from a hacker asking for his details, he’ll know what to check, how to report it and ultimately, avoid it altogether.
What are you waiting for?
You can no longer afford to put security at the bottom of your list. You must act now to prevent the long-lasting effects of security breaches and compromise. Follow these tips and you’ll have the hackers looking for a new day job you’ll be that secure. For more advice and tips on how to keep your business secure, get in touch with our team of experts who can suggest the best way to protect yourself, whatever your budget.
Recent Comments