Security Practices for Your Business — How many can you check off your list?
When it comes to online security, size stops mattering. A giant name of the industry is as likely to be targeted as a company having a triple figure strength. Conversely, a small company, through the use of bulletproof security approaches and techniques can be more secured than an MNC which has gone lax on the security front. Larger enterprises have huge volumes of data to steal, smaller ones may have network security holes, inviting network breaches. Whatever the approach, the intent of cyberattacks stay more or less the same: obtain access to sensitive data and misuse it either through blackmail or theft.
To ensure this doesn’t happen there are some practices you can use to fortify your online presence.
Firewalls stand guard at the frontiers in the war against cybercrime. They’re the preliminary barriers between an intruder and your organization. If you have a strong firewall, it just means your internal security systems don’t have to do the heavy lifting. Nowadays, with the ‘work from home’ working style, firewalls become especially important as an employee can login to your work environment remotely. This insinuates that firewalls have to be setup on employees’ home networks as well.
A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. You will find more details about WAF and its working here.
Stealth Ports can be setup by blocking incoming connections to that particular port. This makes the particular port, for all intents and purposes, invisible to the external world.
Firewalls can block potentially harmful packets through a rule-based system. Traffic that passes the tests is allowed through to the network. You can configure the rules to filter out specific IPs, specific ports, specific network payloads etc. Harmful packets can be dropped automatically or trigger a warning so that the System Admin can decide what is to be done.
An imposter gaining access to your firewall’s internal settings defeats the firewall’s purpose. An intruder can pose as an admin or spoof your firewall through a variety of methods. To prevent this make sure your passwords are secure, you have cleared out all default passwords, and you have carefully administered privileges and roles to the numerous people who will be managing the firewall.
The World Has Gone Mobile
According to Statista.com, 52.2% of the global internet traffic is attributed to mobile phones. It would be inaccurate to say your existing security mechanisms would just carry over to mobile users. Mobile security needs planning, it needs to be deliberate. You need to account for SMART devices and IoT upsurge.
Companies are inching towards the Cloud for storage and computing. What this means is, even if your employee is off the clock, she/he will have app/browser access to the cloud. If the employees become lenient towards security, they aren’t just putting themselves at risk, but also the data integrity of your entire organization. Security updates are typically automated on mobile devices. If they are not, make sure you issue directives to your teams to go through the process manually. All mobile devices need to have the latest possible security patches, leaving no room for security holes.
This is an extension of the previous point. It is commonly observed that mobile users leave their Bluetooth/WiFi/Hotspots on even when they are not using them. This leaves an open connection to the network they were communicating with. An intruder can exploit this communication and gain access to both their device and the network which is on the other end of the communication. This is especially dangerous if the intent is to get some work done off-location. Enforce a habit of need-based toggling of these wireless options amongst your team and yourself.
As discussed above, employees are more inclined to login remotely to their work environments. Sending streams of data over a non-encrypted network connection leaves your data packets vulnerable to injections, packet theft, packet modifications etc. Always use encryption services like VPN.
Be careful with your downloads
Downloads from untrusted web pages or file servers can house malware that triggers scripts and macros onto your device. We have already covered that it does not matter whether you are using the company’s machines or your own, for work. You risk putting the entire organization at large in a vulnerable position if you have access to the company data through your mobile device through apps like Google Drive, OneDrive etc.
Mobile security apps can handle security for you. Well-known security vendors include Lookout, Avast, Kaspersky, Symantec and Qihu, applicable for iOS, Android and Windows Phone.
Education & Awareness
Non-technical staff in an organization must be trained on using network resources judiciously and with full awareness of the implications of their missteps. All employees must be made aware of the various phishing techniques cybercriminals use. Finance department is usually a favourite target for a cyberattack. It is not the case now that employees be sound in only their respective fields. Everybody across the board needs to be taught the importance of cyber security and online presence etiquettes. You can organize awareness drives, discuss case studies and hold training sessions to edify your team.
Prevention is better than cure. However, a cyber attack can penetrate your security hull. In this case, downtime is dangerous, as you will be handling sensitive data pertaining not just to your organization, but also your clientele. Having regular backups can help you get back on your feet in no time.
Third-party Services and Products
The Verizon 2016 Data Breach Investigations Report found that 30% of employees opened phishing emails, a 7% increase from 2015. It is imprudent to rely on good sense alone when it comes to overall security. You should complement your efforts of educating your staff with the best possible cybersecurity products and services.
Organizations today are faced with growing complexities everywhere, from continuously evolving automated targeted cyber threats on the network, applications & programs to keeping abreast with the most current security patch updates. Your cybersecurity should evolve accordingly with constant patch updates, regular VAPT checks, round the clock network health check. Logix offers Email Security and Cybersecurity bundles for these needs. We also take care your DMARC compliance to prevent threats through email traffic and domain spoofing.