We can’t stress enough how important it is to take IT security seriously.
The Internet has become a great tool for criminals – it is anonymous and wide-reaching.
Don’t think that a cyber attack couldn’t happen to you, just because your business is not an international PLC, or because you haven’t had problems up to now.
Security Baseline – the bare minimum to protect you from opportunist threats
- Anti-virus – With the constant evolution of virus and malware threats, it is essential that every workstation and server is protected by the latest anti-virus solutions.
- Backups – They need to be regular, consistent & offsite, and include everything that you want to be able to restore.
- Password security – They need to be changed on a regular cycle, be complex and kept confidential.
- Permission levels – It is important that you regularly review who has access to which parts of your systems, and you have a process in place to manage this effectively.
- Secure wifi – It is important that your wireless network is not accessible by unauthorised people, and best practice to have a guest network for visitors
- Firewalls – The technology used to protect your network is constantly changing, in order to be able to keep up with the current threats – ensuring you have an up to date Firewall solution is critical.
- Patching – Often overlooked, this element of security is as important as anti-virus. Patches are fixes for software issues as well as security holes. Having a managed patching solution ensures that your software is kept up to date and therefore as secure as it can be.
Enhanced security measures
- Multi-factor authentication – when enabled, users need to log in with their password and another form of ID. This may be a code in a text message, or approving the log in through a smart phone app.
- Laptop encryption – once your laptop data is encrypted, if the device is lost or stolen, the data held on it is secure and cannot be accessed.
- Mobile data – Access to the data held on your Smart Phones is restricted using Mobile Device Management.
- Restricted use of USB ports – It is important that you do not allow the connection of unauthorised devices to your computers or computer network.
A government-backed cyber security certification scheme. It addresses five key controls that can prevent around 80% of cyber attacks:
- Secure configuration
- Boundary firewalls and Internet gateways
- Access control
- Patch management