With so much going on with ransomware and data breaches, RESULTS Technology has decided to focus yet another monthly newsletter solely on cybersecurity education. At the time of this writing, there are at least 3 high-profile cybersecurity incidents in the news, including attacks on hospitals, retailers, and political groups.
If you think having antivirus and a firewall is enough … think again. More than 70% of all cyber security incidents today are the result of internal security issues that no firewall or anti-virus could have prevented. That’s why it’s important to take the following steps:
Security Awareness Training
If you can’t do anything else, do this. Phishing attacks have gone through the roof since the pandemic began. A well-executed phishing attempt can cause your company’s data and your client’s confidential information to be breached or held for ransom. You may think your staff is savvy enough to recognize phishing attempts but the attackers have become very sophisticated. Many phishing emails do not contain links, spelling or grammatical errors or attachments. It takes a trained eye to spot today’s phishing attempts.
Educating your staff to recognize these attempts is the first step in protecting your confidential information. Security Awareness Training consists of self-paced, online training followed by phishing attempts sent by you or RESULTS Technology. You can gauge the effectiveness of the training by seeing who in your organization “bites” and then re-educate them as necessary. Contact us for a free 30-day free trial of training.
Back up frequently
Although you’ve implemented several layers to your security, sometimes hackers can still find their way in. This is why you need to back up data frequently, whether it’s on-site, off-site, or by way of cloud backups. In the worst-case scenario where your systems do get infiltrated, you can restore lost data from those backups.
Use Two-Factor Authentication
Using a complicated password to secure your system is no longer an effective way to solve the issue of cybersecurity. We tend to use that same complex password in our email accounts or bank accounts, and if one of your logins is compromised, this can result in grave consequences. Two-factor authentication (2FA) adds an extra layer of security for your systems and accounts. It can be biometric verification for devices that you own, or a time-sensitive auto-generated code that is sent to your mobile phone. This security feature works in the same way websites would require you to confirm your email address. They want to make sure that you’re not a bot or anything else.
Download: Types of 2FA from least secure to most secure.
Email Encryption is a great obstruction to hackers, since it scrambles and descrambles data every time someone tries to read it. Encryption also causes compatibility issues if the data is not being accessed via the company’s own network systems. In the past, encryption has been hard to use and costly. Now it can be as simple as putting your subject line in brackets. Watch this 2-minute demonstration.
Keep systems up to date
Technology is moving at a fast pace. Hackers are always upgrading their tools to take advantage of outdated security systems, so businesses should do likewise to protect their valuable resources. Yet, many companies don’t install software updates immediately. If the update closes existing security loopholes, delaying an update exposes you to external attacks. So, install software updates as soon as they are released.
Many businesses have no idea how many computers they have, so it’s very hard to keep track of which computers are online. Sometimes a company’s computers and servers are online when they don’t need to be, making them tempting targets for attackers. It’s advisable to configure business servers properly, ensuring that only necessary machines are online and that they’re well-protected.
Consider extra protection
More than 70% of all cyber security incidents today are the result of internal security issues that no firewall or anti-virus could have prevented. If your the data on your network is vital to the continued operation of your company, consider extra protection.
RESULTS’ Invicta VPS is a breach detection service that is unique in the cybersecurity industry. Most cybersecurity tools are antivirus tools that focus primarily on the actions performed by executable files and heuristic-based detections. Invicta VPS is different because it prevents and detects Advanced Persistent Threats (APTs). These threats sit quietly, harvesting your company’s sensitive information, or even worse, your client’s information, for weeks or even months. APTs can also move around within your network, gain administrative rights and even access secure areas of your network. APTs are truly one of the worst things that can happen to a company.
Invicta VPS has been vetted by BankDirector.com and included in a prestigious directory of technology tools for the financial services industry. Invicta VPS has also been chosen by Data Center, Inc., a provider of core banking software as the preferred cybersecurity tool for its banks.
Again, these are not normal times. Securing your company’s data is now more important than ever. Contact today if you need help.