As companies continue to expand remote working operations, they must re-evaluate security weaknesses to prevent cyber attacks and data theft. The speed at which organisations have transitioned to cloud services has also spawned new challenges in protecting vital business information.
The COVID-19 pandemic has exposed gaps in security that few could have predicted. These gaps come from unsecured home networks, personal devices, the cloud, and rushed Bring-Your-Own-Device (BYOD) policies adopted to accommodate the remote workforce. Cybercriminals are taking advantage of these weak security spots and deploying ransomware via malware at an unprecedented rate.
Ways to prevent cyber attacks
Below are 13 actions that your organisation should adopt to prevent cyber attacks from affecting your business operations. Should you need assistance in any of these areas, please get in touch to speak to one of our security technology experts.
1. Firewall Protection
Today’s working networks include many entry points, from local headquarters, remote offices, and mobile devices. Firewall protection is still a must and should be robust and placed at every entry point to your network. Let’s not forget all the data and applications now stored in the cloud.
The two main technologies to consider for standard firewall protection are Next-Generation Firewalls (NGFW) and Firewall as a Service (FWaaS).
NGFW has the same role as traditional firewalls. However, NGFW goes much further because it offers Intrusion Detection and Prevention Systems (IDPS) along with deep-packet inspection (DPI) and application control technologies. NGFW goes way beyond port and protocol inspection and blocking. It adds application-level inspection and intrusion prevention. In doing so, it brings in intelligence from outside the firewall.
Cloud solutions bring security services to your fingertips, enabling users to complete business processes in the cloud as well as store and transfer data. Part of these processes includes firewall technology. FWaaS works as a stand-alone product or the central component of a comprehensive set of security tools such as Secure Access Service Edge (SASE).
FWaaS is a cloud-based firewall service we offer that uses NGFW capabilities, among other advanced security features such as IDS, URL filtering, advanced threat prevention, and Domain Name System (DNS) security.
As companies embrace infrastructure as a Service (IaaS) and Platform as a Service (PaaS) models, which operate in the cloud, the network perimeter is not so defined. FWaaS is an affordable, efficient, and scalable solution.
2. Endpoint Security
Endpoint security is a complementing suite of security services designed to secure the growing number of end-user endpoint devices, especially mobile devices. Using a combination of advanced security measures such as antivirus, anti-ransomware, phishing detection, end-to-end encryption, coupled with central SEIM security alerting, ensures the security of your endpoint estate.
Endpoint devices such as laptops, desktops and mobile devices are becoming prime targets for virus, malware and ransomware attacks. Preventing these entry-point devices from being compromised by a malicious cybercriminal attack is paramount for overall network security.
The Securus Endpoint Protection Platform (EPP) allows you to fully manage endpoint security from a single, easy to use, cloud-based GUI. Every single endpoint device that has access to your corporate network is securely managed and maintained.
3. Upgrade to 802.11ax (Wi-Fi 6) for Wireless
The pandemic has spurred momentum in all aspects of IT, wireless networking included. Many organisations have expanded their use of Voice and Video over IP and are moving to the latest wireless networking standard, Wi-Fi 6 (aka IEEE 802.11ax). Another driving factor is the increase in the use of the Internet of Things (IoT) and Software as a Service (SaaS) technologies.
One of the security improvements that come with a wireless upgrade to Wi-Fi 6 is the ability to keep your connection private, even on public Wi-Fi. Newer WPA3 security protocols encrypt user sign-ons even when using a public Wi-Fi password. This is accomplished through a mechanism called a “dragonfly handshake,” which requires authentication each time a connection is made to protect encryption keys.
4. Strong End-to-end Data Encryption
The Advanced Encryption Standard (AES) is a symmetric block cypher the U.S. government uses to protect classified information. AES is implemented to provide end-to-end data encryption for networks carrying sensitive data. Both AES and another standard called Triple Data Encryption Standard DES (3DES) are the two current standards in data encryption.
There are three encryption key lengths employed by AES, which are 128, 192, and 256 bit. The 3DES encryption key is limited to 56 bits because it is dictated by the DES standard. However, it is applied three times, which allows the implementer to choose either three discrete 56-bit keys, two identical and one discrete or three identical keys. As a result, 3DES can have 168-, 112-, or 56-bit encryption key lengths.
Our recommendation, if your platform will support it, is AES 256, as it offers an exceptional level of protection for data encryption.
5. Central Email Filtering
A security breach often begins as an email phishing attack, where a malicious email arrives with an attachment containing malware or ransomware. Other times, the email contains a malicious link. An employee opens the attachment or clicks the link, releasing the payload.
One way to combat ransomware attacks is email filtering, where all incoming emails are analysed before being sent to the user’s inbox. The system flags potential spam and phishing messages. The software then removes those emails, placing them in a designated isolation folder.
If you need more protection than your email solution can provide, you can contract for additional security monitoring services. Many solutions notify your IT admin when a suspicious email is flagged and quarantined.
6. Antivirus/Anti-Malware Security Suites
Antivirus software comes with built-in protections against ransomware and other forms of malware. Most modern security suites include ransomware protection, especially now that ransomware is such a prevalent activity.
To maximise these benefits, you should ensure that your antivirus/ransomware protection is up to date across your entire network, all the way down to the individual user device. Today’s business networks include devices with limited security protection, for example, BYOD and IoT machines like scanners and printers.
Thus, you should install antivirus software on more than just your servers and workstations. Your IT teams should install antivirus software on mobile devices, tablets, printers, and even mobile phones.
Our article on 4 Popular Security Suites For Small Businesses is an excellent place to start. Should you need any assistance in choosing the right suite for your business, get in touch, and we will be only too happy to help.
7. Apply Latest Security Updates
A crucial part of any security protocol is a regular schedule for applying current security patches to your operating systems, applications, and device firmware. Software suppliers release security patches to eliminate vulnerabilities as they are identified in their software.
Unfortunately, the notifications sent to customers also notify cybercriminals of these existing vulnerabilities. When an organisation neglects to install a patch promptly, it creates a weakness that cybercriminals are ready to exploit. Weak spots become entry points for ransomware and other malware programs.
Administrators should apply patches with an extreme priority level rating within 48 hours of their release. Two weeks is sufficient time for less critical patches. Your IT administrator can schedule the lowest priority level patches with regular maintenance activities.
8. Secure Password Policy
At the individual user level, one of the best ways to fortify security is to use complex passwords that are difficult to hack. Furthermore, users should have unique passwords for each account. While it’s human nature to want to go with something easy to remember, that also makes the password easy for hackers to guess.
One solution that makes it easier to use complex passwords is a password manager. Password manager software helps employees and IT staff manage their account passwords for various systems. It also generates unique passwords for each user account and stores these passwords in an encrypted database. The users’ account usernames and passwords are stored safely in a virtual vault. The user has a single master password to access the vault.
This way, the end-user need only remember a single password rather than manage dozens across accounts. In addition to the security benefits, a password manager saves time. Your staff won’t waste hours contacting administrators to reset forgotten passwords.
9. Multi-factor Authentication (MFA)
MFA, also known as Two-Factor Authentication (2FA), protects users by adding a second layer of security, making it difficult for a hacker to access your account. Most of us are familiar with MFA. For example, after you log on to a website, the site sends a numeric code to your mobile phone, which you then enter to access your online account.
This security enhancement requires you to enter two types of credentials to log onto an account. Credentials include any combination of a password, PIN, a smart card, or fingerprint. Often, users will have an app on their cell phone that generates a new pin at intervals of a minute or more. Many organisations require MFA when employees log onto a work device or access a VPN network. It is a simple yet essential way to secure networks that contain sensitive company and customer information.
10. Staff Cyber Security Training
Your employees are perhaps the most critical elements of any security plan. Thus, proper cybersecurity training is an equally crucial element. Ransomware and other cyberattacks happen when users receive a phishing email, inadvertently click a malicious link, or unknowingly offer logon credentials.
Securus Communications can help you schedule regular employee training on recognising cyber threats like phishing emails and other social engineering attacks. Additional training includes how to handle sensitive or proprietary data. Proper handling means fewer opportunities for accidental leaks.
Most importantly, regular training keeps your staff informed about the common cyber threats as they develop. Employees can be trained to spot, react to, and report suspicious messages that arrive through email, text messages, or internet browser pop-ups.
11. On-Net and Off-Net Backups
Even a fully protected network should have a backup strategy in place to ensure that recent backups are always available in the event of a ransomware attack. Backups are a required component of any disaster recovery strategy or business continuity plan.
When a ransomware attack strikes, backups can ensure your organisation recovers. Your IT teams should maintain a regular schedule of daily and monthly backups. Furthermore, these backups should be stored in multiple locations.
The accepted rule for backups is to maintain three copies of data on different media. Notably, one copy must be held offsite and away from your primary network. Cloud services are cost-effective sources for data. They allow you to store your data in a different location. Should ransomware affect your primary network, you have current data in the cloud, unaffected and ready to restore your systems.
As ransomware can often infiltrate cloud backups, Securus Communication offers an immutable backup solution. This air-gap technology ensures your archived data cannot be modified, encrypted or deleted, even by ransomware. Check out our article on How Immutable Backups Protect Against Ransomware.
12. Centralised Security Monitoring and Alerting
With so many business processes moving to the cloud and remote working locations, security monitoring across your entire network is critical. Modern security monitoring services are mostly automated, continuously assessing and measuring applications, data, and user accounts for unusual behaviour and possible security threats.
Prevention is often better than cure. Efficient security monitoring is also an excellent tool to identify potential security vulnerabilities within your network infrastructure waiting to be exploited.
13. Disaster Recover (DR) Strategy
Despite all the tools and strategies listed above, data breaches do happen. Ransomware sometimes gets past every failsafe and threatens to destroy data and shut down business processes. A DR strategy is needed to ensure that your organisation has a plan for recovering from an attack as quickly as possible and with as little data loss as possible.
An effective DR plan enables your company to restore operations as quickly as possible after a system failure or security breach. Because ransomware is a threat to valuable data, your DR plan must include secure backup protocols for data restoration. Even if you can’t save real-time data, a robust DR plan means you will be able to restore a recent version with relative ease.
If an organisation fails to adapt its security plan to accommodate its rapid network expansion, it is at increased risk of a cyber-attack. Criminals will root out the weak security spots and take full advantage. Your business must prioritise its security and DR plan to ensure proper safeguarding of critical data, whether on a local network server, a cloud server, or a combination of both.
Securus Communications is on hand to help you with every aspect of network security. SASE, FWaaS, 2FA, Antivirus, Anti-Ransomware, Immutable Backups, DR, and even staff security training are just a few examples of where we can help secure your network operations.