At Signal Networks, we believe basic security ‘hygiene’ is a must for any organisation whatever their size, location or budget. Ensuring your business is up-to-date and actively protecting itself from any hackers or opportunists needs to be a standard practice that is constantly maintained.
In the same way you’d brush your teeth for a few minutes every day, you need to be protecting your IT network from security threats for a few minutes every day. These steps do not need to take up all of your time, and in some instances, once you’ve put the groundwork in place, they can maintain themselves with minimum effort.
Some of these steps can include:
- Patch Management– establishing all of your software is up-to-date and actively running on the latest version to ensure you’re not at risk following any zero-day attacks (as we recently saw with Java and Flash). By ensuring your organisation is using the very latest versions of software, you’re automatically reducing a simple yet main method hackers use to gain access to your companies data.
- Security Antivirus Software– by installing a security software such as ESET, you’re protecting your organisation with a platform that’s main role is to target and disable any malicious malware and/or viruses that are often snuck into company data through emails or web links. Often this antivirus software maintains itself with only a few prods and nudges now and again to keep it working efficiently.
- User Awareness– what do you do if Jane on reception uses her work computer to click on a new and unused web link. She ends up on the desired webpage, however not before being swiftly redirected to a data capturing page that saves an access door to the IT network created by a hacker. Unfortunately, a company is only as strong as its weakest link, and in this instance, this was Jane. Companies need to ensure they have protection in place for all employees to stop these types of instances. This could be enforced through an IT policy that is fully understood and signed by anyone who has access to the IT network.
- Endpoint Protection– these days, IT security protection need to go further than simply protecting the data already on a network, its protection needs to be considered before the data even get near the desired location. Hackers have changed their tactics and are targeting physical access points including USB ports, CD drives, Wi-Fi access and mobile devices. Some hackers are even physically bypassing building security using a false identity or taking advantage of a person’s good manners (who simply hold a door open for them). Companies need to put different levels of protection in place depending on the location and data content, and notice potential attacks or attempts to access their data at any given moment.
- PR security– how many times have companies been interview by the news only to have an employee screen on show in the background with a post-it note stuck to it. This post-it note is in plain view for all to see and details the Wi-Fi password. The same principles apply to every business (even if they don’t get reported on the news). At Signal Networks, we’ve heard of an example where an organisations competitor approached them under a false identity and claimed to be a potential client. The organisation invited this ‘client’ in for a site meeting and gave them a tour off the office without being aware of what the ‘client’ could quickly glance at or overhear as they passed by. It turned out that the ‘client’ managed to see enough to approach the organisations current patrons and undercut their prices.
- Backups– with statistics showing that 1 in 10 hard drives haphazardly failing every year, it’s no longer enough for organisations to be backing up once in a while and hoping for the best. Multiple backups are advised with remote offsite backup being the preferred method of choice for added protection and peace of mind. By taking your backup offsite, you can automatically schedule your backups to happen at set times on a specialised and secure location, all you have to do is set it up.
If you’d like to talk more about some simple methods of security protection for your organisation, speak to one of our IT Security Consultants today. We can provide impartial advice and advise on a variety of security methods that can be tailored to an organisations size, location of budget.