As a small or medium-sized business manager, you already have a lot on your plate. Having to worry about cybersecurity and the issues it can cause for your business isn't always on the top of your mind. Still, attacks that threaten the well-being of your company are on the rise. This year, the U.S. recorded the most ransomware attacks out of any country worldwide. In fact, of the top 10 countries for ransomware volume, the U.S. had nearly four times as many ransomware attacks as the other nine countries combined! So despite cybersecurity not always being at the top of your mind, the risk is real, and it's more likely than ever that your data will be attacked.
Cybersecurity In Your Business: Starting Point
The #1 vulnerability in any company is negligent employees and contractors. So the first thing you need to do is prepare your team and educate them on how to protect themselves and your business.Start with the basics
- Strong passwords and biometrics continue to be an essential part of the security defense. Require strong passwords that need to be changed regularly. Move towards single sign-on and, most importantly, ban the use of post-it notes!
- Use centrally managed firewalls, anti-virus, intrusion detection, and adaptive threat detection software.
Protect Your Data
- Having a backup is not good enough if it is on the same network as your data.
- Professional hackers have become more adept at encrypting backups Use offsite or cloud backup services for redundancy.
Educate Your Employees
- Malware often comes in through links in spoofed e-mails and other phishing methods. Teach your team not to click on unsolicited offers or links, review the source of the e-mail and not just the content.
- Have your employees use complex passwords and ensure it is not the same password with an incremented number each time.
- If they are ever uncertain whether something may have created a vulnerability, have them change their password and report to someone within the company without fear of retribution.
Tips to Avoiding an Attack:
There is no end-all solution to avoiding an attack when it comes to cybersecurity. They are somewhat "inevitable," especially since not all attacks are large-scale in today's day and age. Any crack in your business's cybersecurity defenses is a big deal, but there are ways to fight against them and limit the damage they can cause.
Segmentation and isolation
- The more you can separate parts of your network with virtual local area networks (VLAN), proxy servers, and other techniques, the more likely the attack can be isolated before it permeates your entire network. The less it spreads, the less damage it does.
- Isolate your backups from your regular network, so if you are attacked, your backups are safe, and as stated previously, use offsite or cloud backup services for redundancy.
- Isolate public-facing machines on your network and from your critical corporate data. Learn more in our Network Segmentation Blog.
Plan and Prepare
- If you have a disaster recovery plan, test it. If you don’t have one, create one.
- Get cyber security insurance. Some companies specialize in offering this coverage, and they have assessments that may open your eyes to the practices you need to have. Once hit, the requirements imposed by insurance companies will increase exponentially along with your premiums.
Outsource Risks
- E-mail continues to be a major source of malware. Why maintain your servers when Microsoft, Google, and others can do it for you.
- Consider your corporate IT strength to determine what else could or should be outsourced.
The biggest obstacle to implementing policies to protect small and midsized companies is a lack of cybersecurity expertise or funds. This is one of the reasons why managed service providers and outsourcing to the cloud continue to grow in popularity.
To learn about how Summit Hosting can help keep your business always on and always secure, contact us and speak to one of our cloud hosting specialists today.