When it comes to managing networks, businesses often fall victim to assumptions and oversights. The reality is that the protection of information and applications is always evolving and, as criminals find new ways to exploit weaknesses, it's tough to stay one step ahead.
Instead of businesses positioning themselves as "easy targets" by loosely managing data and information, it's best to have sound and thorough policies in place with which to secure the network thereby creating a culture of security. In addition to policies, here are five measures to put into practice to better manage your network and protect its critical data.
Endpoint Security
Ensure the security of your endpoints (managed devices and servers) are protected with automated security updates. This is a critical security control that is all too easy to overlook as it often happens in the background and without the user's knowledge.
- The risk of not having patching in place: Many cybercriminals will look for unpatched vulnerabilities to exploit and gain access to systems. This is often the method used to infect users who visit a website with malicious code embedded in an ad.
- Patching solution: Use an automated patching tool or service to ensure security updates for operating systems and common applications are updated on a regular basis.
Backup and Recovery
Backup of your data has taken on more importance than ever with new threats like ransomware. Be sure your backups are running, effective, and are secured offsite.
- The risk of having an inadequate backup solution in place: Not only do you need to protect data from a hardware failure, loss, or natural disaster but, you also need to protect it from a cyberattack which could encrypt that data. Your options are to restore from a good backup, or pay the ransom which is now escalating into extortion.
- Backup and recovery solution: Use a business class backup and regularly check to ensure the backup is working. Also be sure that backups are stored offsite in an encrypted format to minimize risk that a breach in your organization doesn't also result in a breach of your backups.
Supported Operating System
Over the past few years, Microsoft has discontinued support for two widely-used operating systems: Windows XP and Windows 7. If you're still using one of these operating systems (OS) or any OS that has reached end-of-life, it's high time you migrate.
- The risk of keeping an outdated operating system in place: Microsoft is no longer providing security updates or support for Windows XP or Windows 7 as of 2020). This means every day you work on an unsupported OS is another day the cybercriminals have to find new vulnerabilities within them. Even if you have a patching process in place, Microsoft is not actively fixing or updating outdated OSs which puts your system at the mercy of potential attackers. It is also highly likely that any security audit of your network will not pass.
- Use a supported operating system: If you haven't already, upgrade to a Windows 10. Alternatively, evaluate if your Windows servers' current function could be better achieved with a cloud solution like Office 365 before upgrading.
Multi-Factor Authentication
Today, your staff is accessing business applications and data from a variety of locations on a myriad of devices. Your data no longer sits safely behind your network's perimeter, dispersed among multiple cloud applications and tools. The strategy to protect this data does not lie solely with the cloud service providers. They are responsible for the security of the cloud but it's up to your business to ensure secure access.
This can be done with multi-factor authentication (MFA). At its core, MFA is an electronic authentication method used to grant access to a website or application after a user successfully presents two or more authentication methods (called factors). You may have also heard this security method referred to as two-factor authentication or 2FA.
- The risks of single factor authentication (credentials only): The average person deals with maintaining 90 or more accounts, and each requires a unique login. 65% of employees admit to reusing the same password across business and personal accounts so it's no wonder 81% of hacking related breaches are due to compromised passwords.
- Implement MFA. This is a low-cost, proven authentication method can be enabled within your company and help prevent over 99% of account compromise attack. Even if a cybercriminal has your credentials, MFA will require them to provide an additional form of authentication before allowing access to your most critical assets—your network and its data.
Data Loss Prevention
Not all data loss is the result of a traditional data breach. It can be easy for your data to end up in the wrong hands. It's as easy as sending an email containing sensitive information to the wrong recipient or uploading a important file to a cloud application outside of ITs control.
- The risks of not having control over your data are numerous. Internal threats, accidental sharing, Shadow IT represent any number of ways data can leave ITs control.
- DLP is your network's security watchdog. It keeps an eye out for unauthorized use and transmission of your sensitive information. When implemented correctly, you obtain more visibility and control over highly sensitive information helping you to minimize data loss.
Employing these five best practices will help minimize your IT risks. If you're unsure what risks your network faces, it might be time to get an expert to assess your network.
For questions, email info@systemsengineering.com, or call 888.624.6737.
Mark Benton is the Director of Product Management at Systems Engineering. He has over 30 years of experience in Information Technology and is responsible for overseeing the onboarding of new products and services for Systems Engineering and its customers.