Ten Steps To Protect Your Business From Cyber Attacks
ON THE RISE
The lack of action against cyber threats.
Most Australian small-medium businesses owners rate cyber security as extremely important yet few take some of the simple steps below to prevent a cyber attack on their company.
Common cyber threats such as phishing, keylogging, screen capture, ransomware, ID theft, Data leaks, Denial of Service etc are on the increase and can cripple your business and damage your reputation.
TAKE THE QUIZ
Are you an easy target?
1 in 5 business owners don’t know how phishing works. It’s one of the most common ways hackers enter your business networks. Can you spot a phishing email?
SECURE YOUR BUSINESS
10 Tips to prevent cyber crime.
Here are 10 simple things you can do to protect your business from cyber threats.
1. Update your software.
It sounds simple enough but how often do we click ‘remind me later’ when the software update pops up? Updates can contain vital security patches needed to protect you from the latest online threats.
2. Backup regularly and securely.
Unless your business has a backup plan in place this is something else that is also often put off till tomorrow. Find a backup and storage method that suits your business needs and is secure against loss, damage or theft. The cloud makes backing up easy to manage and minimizes the need for human intervention. In the event of a cyber attack, regular, secure backups enable you to recover your data and get back on your feet quickly. Read more about data backups here.
3. Encrypt your data.
Data encryption converts your readable data into an encoded form that requires a key or password to decrypt it – making it harder for cyber criminals to use your data. Software such as BitLocker or Sophos encrypts your data beyond what your physical device may already offer. When copying data to USB devices make sure you’re using USBs that offer encryption such as IronKey, ScanDisk and Kanguru. When you copy a file to an unencrypted USB drive or send it via email that file is no longer encrypted.
4. Start with your firewall.
Your firewall is your first line of perimeter security, detecting and blocking attacks coming into your business network. Managed firewalls stop viruses and malware from entering but they must be constantly monitored in order to be effective. You should test and audit your firewall regularly to maintain its health and strength.
5. Educate your staff.
Human error is often a gateway for cyber attacks into a business. Creating weak passwords, clicking or sharing unsecure emails, downloading games or untrustworthy files, using public wifi while working with sensitive information, are common ways that malware gains entry to a device and the data on it. When that device connects to your network the risk of your data being exposed becomes a very real possibility.
6. Choose your partners carefully.
A weak link in your armor can make your business unnecessarily vulnerable. If you’re using a managed IT service provider make sure that they are following best practices such as regularly applying patches, training their staff in the latest threats, responding quickly and being proactive about your security. If you’re managing your own IT, check that the software partners you are using in your business are trustworthy and secure, you have the appropriate firewall configurations in place, backups are securely executed and stored, and antivirus software is correctly installed and updated, amongst other things.
7. Do regular risk assessments.
The first proactive step in protecting your company from a cyber attack is establishing a baseline of security. Audit your current level of security, areas of vulnerabilities and what needs to be done. These assessments should then be done frequently to maintain your security and identify new risks. 9spheres Technologies offers a free risk assessment to potential clients.
8. Get endpoint security (especially for companies working from home / remotely).
Endpoint security protects the user’s device from key logging, screen capture and phishing, amongst other attacks. Even if that end device is infected, when it connects to your organization’s network, those threats are not able to access your data. This is particularly useful as more and more employees work from home and are accessing virtual work spaces such as Citrix, VMware, AWS, etc.
9. Consider cyber insurance.
Cyber insurance can now be regarded as a business critical insurance because statistics show that the likelihood of making a claim within a cyber insurance policy are now just as high, if not higher, than making a claim under a normal business insurance policy. At minimum a cyber insurance policy should provide a 24/7 breach response service (including IT forensic services), breach response management, credit monitoring, public relations crisis management, civil and regulatory defense costs and penalties, cyber extortion costs, business interruption cover and cyber terrorism.
10. Hire dedicated cyber security management.
Most SMBs honestly don’t have the time, manpower or expert skills required to effectively prevent a cyber attack against their business. A managed security service provider offers you trained, certified experts who evaluate your risks up front, get you protected and then proactively monitor and maintain your online security 24x7x365.
HOW WE HELP OUR CLIENTS
Experienced at securing local businesses.
At 9spheres Technologies we have been taking care of the cyber and network security for businesses in and around Brisbane since 2009.
We are cloud experts helping you to avoid expensive hardware, software and personnel. Our expert team uses comprehensive multi-layered security to protect your business.
In today’s work environment with remote access and staff working from home it’s more important than ever to ensure your business is secure against cyber attacks.
Contact us to discuss your security needs or take a look at our services.
Managed security benefits.
‣ 24x7x365 monitoring and protection.
‣ Use of comprehensive multi-layered security.
‣Expert level protection and system maintenance.
‣ Avoid expensive hardware, software, personnel and errors.
‣ Legal compliance.