Cyber security can be a daunting term especially for those without a tech background, but there’s no doubting the importance of protecting your IT Systems in order keep the information you are responsible for safe.
Here are 5 simple cyber security steps you can take now.
It may sound like a techie term but firewalls are everywhere and if configured properly provide a first line of defence.
Start at the boundary of your network, the point at which you connect to the internet. Most SMEs with have a router with a built in firewall. This is the box that the telephone line or cable connects to.
Make sure you change the default login details for this device, sometimes found printed on the bottom of the device.
Then log in via the IP address provided and check the firewall rules. You can google each port number to find out what it does. Deny all incoming traffic on ports you don’t require. Always end with a ‘Deny Any Any’ rule.
You can also find software firewalls built in to Windows and Mac OS X, and included as part of some antivirus packages. These work in a similar way but be careful layering firewalls as they can cause functionality problems.
2. Software updates
Many attackers use exploits found in the software that you use everyday. Software vendors will provide updates as vulnerabilities are discovered so it’s important to ensure you remain on a current version of the software and keep it licensed so you can receive critical security updates.
These days most systems can be set to automatically update but some will require a manual restart before they become effective. Make sure you take notice of any warnings displayed.
There are three categories of software updates you should consider:
Used across your workstations, servers and mobile devices.
Packages you use everyday that do not come as part of the basic operating system.
Operating Software installed on devices including routers, firewall, printers and other connected devices.
3. Protection Software
Antivirus has been a basic requirement for many years but now the suite of protection on offer has greatly expanded to include all kinds of malware, firewalls, adware etc.
Choose a package that suits your business, check reviews online and make sure you keep it up to date.
Install protection software on all machines and take action when it detects a threat.
Taking a backup of your data is easy and provides a basic level of protection that will allow you to recover from an IT disaster.
Bear in mind though, uploading data to the cloud is not the same as backing it up. Moving data to the cloud may have many other advantages but it still risks being corrupted.
An effective backup routine keeps several generations of a file allowing you to go back to previous versions if you suffer a crypto-virus attack or similar.
5. Training and awareness
Humans are the weak link in the chain and even the best controls will be undone by a human overriding it.
So training staff in how to spot common cyber threats, such as phishing, and how to apply security controls effectively are essential.
Create a culture of cyber-vigilance where staff are comfortable raising a concern without the fear of a blame.
And maintain low level awareness frequently in many different formats to reinforce the message.
The threats faced by business are changing but the tools to become a resilient organisation are easily available. Take some time today to check these 5 things in your organisation.