Can you confidently say that you know how to secure your business against the growing spectre of cyber crime?
Daunting question, isn’t it?
The Internet has enabled businesses to flourish, allowing them to access new and larger market places, from any location. It also allows businesses to work more efficiently by using a variety of online tools and apps.
Unfortunately, the Internet can also make your business a target for cyber criminals.
And, it’s sad to say, but the truth is, your business is a target.
Now bear in mind, it’s not possible to eliminate every single threat that is aimed at your business, but do not despair; you can make it incredibly difficult for your attackers to succeed.
That’s where Node4 come in.
We’ve compiled a list of our top ten tips for you to consider when protecting your business from cyber attacks.
10. Prepare for the worst
Ransomware extorts payment from the victim in exchange for restoring access to something that was encrypted in the attack. The most prevalent type of malware used in this kind of crime is crypto-ransomware, which normally encrypts the files on the compromised system and then demands a ransom in return for the ability to decrypt and recover the files. Ransomware threats should therefore be viewed as a disaster recovery situation. Total unavailability of data and systems requires tight Recovery Point Objectives and flexible recovery tools to recover quickly.
9. Instil a common security policy as best practice
The idea of provisioning security solutions from multiple vendors, so that a business can “cover all the bases” by dispersing risk across them, is outdated and now regarded as ill-conceived. The focus is now on implementing and controlling a common security policy, which can be managed and maintained across the enterprise, usually via a single pane of glass. This makes both logical and economic sense, and the better firewall vendors can reliably provide integrated threat management across a unified management system.
8. It is important to process your traffic as quickly as possible. Remember, today’s trickle is tomorrow’s torrent
As Next Generation Firewall (NGFW) technology is based around “deep inspection”, analysing application-specific traffic, it is important that all effort is placed in processing the traffic as quickly as possible. Application-specific integrated circuits (ASIC) process the traffic in the fastest way possible, and, by offloading processor tasks, traffic bottlenecks within the hardware are avoided and throughput maximised. This is a serious consideration for scalability; today’s trickle is tomorrow’s torrent.
7. Keep your workforce secure when working remotely
To support mobility, secure remote access is a standard offering in firewall technology; the ability to provide VPN tunnels between multiple endpoints and also [free] VPN clients for end users will make the solution cost effective. Integration with Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) will enable secure management of user accounts and passwords, and single sign-on will greatly improve the user experience.
6. Have an Intrusion Prevention System in place to stop malicious traffic in its tracks
Intrusion Prevention Systems (IPS), which monitor, log, identify, and (more importantly) stop malicious inbound network activity, use a constantly updated blacklist/whitelist database of signatures. The Intrusion Detection System (IDS) is a reactive tool that provides a baseline for security, reports on packets that have broken the chalk-lines, and keeps a journal of the potential resulting intrusion.
Where orchestrated attacks appear quickly, strike, and disappear just as quickly, it is important to have a dynamic solution that can address these evasion techniques. IP Reputation services aggregate data from locations around the world and provide up-to-date information on threatening sources, which allows for proactive protection against malicious sources.
5. Take into account multiple zones when selecting a firewall
The ability to shape traffic on priority applications is an important factor wherever application traffic is linked to revenues. Similarly, load balancing is the ability to intercept incoming traffic with a virtual server and share it among one or more backend real servers, enabling multiple real servers to respond as if they were a single device. This in turn means that more simultaneous requests can be handled, improving the availability of online services.
The provision of multiple zones (DMZ) can also be an important factor in firewall selection, allowing extranet, corporate infrastructure, and web-facing services to co-exist behind a high-availability appliance.
4. Ensure you have full granular control and reporting of outgoing web traffic, and application control
Managing outgoing web access requires full granular control and comprehensive reporting; reports such as the top ten websites accessed and the most prolific web users are essential information for managing the internal acceptable usage policy.
Application control is another valuable tool that can identify and control specific application types and, providing relevant enforcement, is essential in the current Web 2.0 and cloud environments.
This type of feature can identify thousands of applications, even those on encrypted channels, and can mitigate sophisticated botnet activities that easily evade traditional firewalls. When used together, Web and Application control can police web use in a way that staff will cooperate with.
3. Have a system in place to prevent data exfiltration
For organisations in industries as diverse as medical, legal, and retail, preventing the exfiltration of valuable data is a key deliverable. Data can be sent outbound by accident, by attaching the wrong files; deliberately, by synchronising corporate data to cloud stores like Dropbox; or by deliberate exfiltration methods such as DDoS application attacks.
Data Leak Prevention (DLP) is the ability to watermark, track, and prevent this type of data from unauthorised export and forms a substantial tool in border security compliance and data governance.
2. Have adequate anti-virus protection and Spam filters
The most visible security protection that users see is Anti-Virus (AV) protection. AV on the endpoint client, which protects it as a point of entry, can often be managed from the firewall.
Email is the main public front door for many organisations, so filtering spam is an essential feature for businesses. This form of gateway management allows for keyword exclusion, which is important in managing litigious or distasteful content.
1. The most important factor. Ensure all employees are fully aware of the company security policy!
In a recent survey provided by Cisco (Data Leakage Worldwide: Common Risks and Mistakes Employees Make), over 50% of employees altered their endpoint security settings from those set by their employers, citing “I wanted to visit that Web site regardless of the company’s policy”. Over 60% used their company computers at least once per day for personal use, potentially opening up the network to threats.
Clearly, companies need to secure users’ endpoints, but more importantly, extend the company security policy and have visibility across the enterprise via a single-pane-of-glass, in order to manage the risks.
With the growing threat from cyber criminals, whether you’re a one-man outfit, or a large enterprise, it makes a lot of sense to be concerned about your data and your infrastructure.
So, if you would like more advice on securing your business, please get in touch. We’d love to help you out.