The migration of employees working remotely has created significant challenges with keeping a business secure. And with threats to that security constantly changing, staying on top of cybersecurity requires not only time, but also expertise that most business leaders don’t have.
A strong cybersecurity program is multi-layered and evolves as the business – and threats – evolve; however, every program includes these basics:
Perimeter & Network Defense
Newer-generation firewalls not only block malicious traffic from the outside to harden the network perimeter, but also improve internal security by looking for threats from within and isolating them. Firewalls should be configured to block known bad websites (pornography, phishing, etc.) using a content-filtering system. Many organizations also restrict social media to mitigate threats and improve employee productivity, for example only allowing Facebook during lunchtime. We recommend ensuring that WiFi networks are secure and governed by the same firewall content-filtering controls and always separate guest access from corporate traffic.
Endpoint Protection
Individual endpoints such as workstations and laptops should be protected with a centrally managed suite of security protocols that include anti-virus, anti-malware and browser/DNS protection so that threats can be identified and mitigated quickly before they spread. We recommend to discontinue using operating systems that are at the end of their product lifecycle such as Windows7, as they are highly susceptible to attack since they no longer receive critical updates. Mobile devices such as cell phones and tablets should also be managed and protected if used to access any corporate resources.
Email Defense
Phishing and email threats are increasing in sophistication and destructive potential, so a good email security and spam filtering system is a must-have. If hosting with Office 365, we recommend enabling Advanced Threat Protection (ATP) at the highest level you can afford. Otherwise, utilize a reputable cloud-based spam and virus filtering solution. Many cloud-based solutions also offer additional features such as identity protection, Data Leak Prevention (DLP) to protect corporate or sensitive information, and archiving capabilities to backup emails indefinitely.
Passwords and Multi-Factor Authentication
Enforce the use of complex passwords that contain a minimum of 10 characters and contain a combination of upper and lower case letters, numbers and symbols. Passwords should not contain any combination of the company name, username or common words that could be easily guessed. In fact, passphrases work best. Our experts also recommend clients utilize Multi-Factor Authentication (MFA) as a secondary challenge measure. It’s important to note that text messaging codes can be compromised, therefore the most secure MFA method is using a mobile app such as Microsoft Authenticator.
Employee Security Awareness Training
The best line of defense in most cases is a well-trained user who knows how to practice safe computing. This often means implementing a training system to teach them how to spot threats and report them to IT. Möbius Partners uses a simulated email phishing system to attempt to trick users into clicking links. Those who click those links (and therefore, fail) are automatically enrolled in remedial training that includes media-rich content such as videos and interactive games to help them spot attacks in the future and learn safe computing habits. The program is highly effective.
Backups
If all else fails (and you should assume it will), make sure that you are using a backup process that allows for both onsite and cloud-based replication and recovery. Möbius Partners backup solutions can even turn a failed server into a running virtual machine on a standby appliance, whether on-site or in the cloud, to cut downtime to nearly nothing. Backups should be monitored daily to validate their success and periodic test restores should be performed to confirm that recovery is possible.
Get HELP!
Let’s face it, all of this is a lot to manage and can be very distracting from your core business. Consult a trusted expert who can understand your unique needs and tailor the right solution to fit, so that you can get back to doing what you do best. Successful organizations cannot afford to put themselves at risk, especially when it comes to information systems and the data they contain. The expert team at Möbius Partners can help keep your organization protected. Learn more by contacting Scott Gondesen, Director of SMB Solutions, at scottg@mobiuspartners.com or 281-601-4800 x 106.
To request a free detailed security risk report and remediation plan, contact info@mobiuspartners.com or visit mobiuspartners.com/risk.
Scott Gondesen is an experienced virtual Chief Information Officer (vCIO) who has worked in the IT industry for more than 30 years. He currently serves as the Director of SMB Solutions at Möbius Partners, a San Antonio, Texas-based IT solutions provider that offers a continuum of best-of-breed technology and services. Originally published in the San Antonio Report here.
Other articles to check out:
Best practices for backup and disaster recovery to secure your data
get started today
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
"*" indicates required fields