In modern-day cyber security, there are many different ways for bad actors to gain access to personal information such as a bank account, credit card data or social media account access. Without a doubt, proactive protection is a must.
When budgeting for cyber security, businesses are often hesitant to make substantial investments, but the real question is whether you can afford to be without these assurances. Cyber security is one aspect of IT that pays off ten-fold as those who have fallen victim to an attack know all too well.
The good news is there are several budget-friendly cyber security tips that are easy to implement and inexpensive to adopt. Take a moment to review these tips or better yet – share this with your IT professional so they can implement them right away.
1) Implement Password Policy and Rotation
Keeping credentials unique and changing them often is a cornerstone of cyber security. Implement the use of a password manager to automate the process of creating and updating credentials.
Additional security measures like multifactor authentication and never divulging sensitive information while connected to public Wi-Fi can keep mobile devices and laptops safe from ongoing and emerging data breaches.
2) Audit Disabled User Accounts in Active Directory
Sometimes cyber-attacks come from within. Regular auditing of disabled user accounts in Active Directory should be a high priority. Active Directory is designed to make account creation easy, but without prompt removal of old accounts, this piece of infrastructure can create real cyber security headaches.
3) Restrict Domain Access
Following the policy of least possible access is a good cyber security practice, as it helps ensure workers have access to only the files they need to do their jobs.
4) Conduct Regular Backup and Disaster Recovery Testing
Ontech recommends conducting backup and disaster recovery testing at minimum once per year. Annual testing can ensure all backups are up to date and that the files they contain will be useful in an emergency.
5) Implement Multifactor Authentication
Requiring multifactor authentication as a company policy can stop bad actors in their tracks by requiring a second type of identity verification in order to gain access. This could be a one-time code sent to a smartphone, a message sent to an associated email address or an authenticator app.
6) Enable Mobile Device Management
Implement best practices and training for employees on safe usage of mobile devices. When used in conjunction with mobile based virus protection software, mobile device management can be a very effective way to protect sensitive data.
7) Follow Endpoint Security Best Practices
Integrating endpoint security into your cyber security plan can protect your network when company data is accessed from remote devices such as mobile devices or laptops. Ontech’s endpoint security solution offers around-the-clock access to security data along with daily updates and threat intelligence reports.
8) Engage in Employee Education
Security awareness training is a must for businesses of all sizes. This type of training typically includes:
The use of a simulated phishing scam:
- Pop quizzes to assess employee knowledge
- Short courses for workers who fall for a simulated cyber attack
- In order to be most effective, employee training and testing should take place on an ongoing basis.
9) Document an Incident Response Plan
Create a documented incident response plan to ensure that all parties involved are aware of the steps to be taken in the event of a security breach.
10) Document Policies
Document all cyber security policies such as:
- Bring your own device (BYOD) policies
- Rules governing the use of privatized networks
- Acceptable use of public Wi-Fi networks when traveling for business
- Encryption requirements for company-issued laptops and mobile devices
11) Allow Automatic Patching
Ensure all business software receives automated patching and maintenance on a regular basis.
12) Use Filtering Tools
Implement a variety of filtering tools to block spam from the company network and reduce the risk of a data breach. DNS filtering can protect privatized networks and public-facing websites.
13) Find a Secure Web Host
Choose a reliable, secure web hosting provider. Additionally, ensure the least amount of people have access to your website and delete old or inactive accounts whenever possible.
14) Enable Automated Computer Lock Screens
Automated lock screens can reduce the risk of insider attacks, making it easier for businesses to safeguard their sensitive data and personal employee data.
If you would like additional information on any of these measures, please give Ontech Systems a call at 262-522-8560 or reach out to us online. Our staff can assist you with all aspects of cyber security response, from designing the right policies and procedures to choosing a password manager that meets your needs.
