We live in a digital age, where both personal and business information is stored and shared online. Let us discuss how to best protect the information you transmit online and what hackers can use to steal your identity or cause other troublesome issues that can cost you both time and money.
The process of securing your data is not just a one step approach. The methods that hackers use to steal your data come in many forms. They will typically pick the easiest entry point to gain access. Some examples of entry points are email and website access. Email can be spoofed and made to look like it comes from a valid source. They even go as far as using logos from large companies to make it appear legitimate. They also create fake websites that have domains that are very similar to a real website. Something as easy as substituting two v’s (vv) in place of a w will give the domain name a very similar look. Once they have you accessing their fake site the sky is the limit on what they can exploit from your computer. These are two examples that are common. There are many other ways to compromise your systems.
Locking down access to your systems is key to preventing a compromise. The following security measures will make it harder for the hacker to gain access. The harder it is to access your data the more likely they are to move on to the next company.
Provides a second authorization method to accessing your system. An example for this would be accessing your email. Once you enter your username and password to enter your email account the second factor would either send you an approval message to your phone or send a text code for you to enter.
Phish Threat Education & Testing
Your first line of defense is educating your employees to spot vulnerabilities. Email is the most popular method to exploit users into clicking something they should not. Enrolling your users into a Phish Threat training program is not expensive and it educates the users on how to spot content in the email that tells you it is a fake. After your initial training, you can test the users by sending emails from a testing database. The emails will be fake emails that look real. The users will have the opportunity to spot the fake and report it. Reports are generated each month to show you the progress of each user.
Security Audit and Penetration Testing
Having a third party come into your network and perform a security audit is a great way to strengthen the security of your network. The reports will tell you areas of your network that are weak and recommendations will be made to strengthen them. The testing is performed from within the network as well as outside the network. The test outside the network is a penetration test that will tell you the ports that are open from the outside. After the testing is done you will have a report with recommendations on how to secure your network.
Antivirus & Malware Protection
Antivirus software has changed tremendously over the past 3 years. If you are using a free version of antivirus (AV) from any vendor, you need to rethink your decision. When deciding on which one to purchase I recommend that you look for the following features.
- Central Reporting Database (Web Portal)
- Ability to lock down the software from being uninstalled.
- Web Content Filter included
- Extended Detection and Response capability
- Secure Heartbeat
Email Spam and Virus Protection
Since email is one of the most popular ways to exploit users, we recommend that you scan your email before it arrives to your mailbox. A cloud-based spam filter will scan incoming and outgoing emails for abnormalities. It looks for email impersonation, virus, encrypted files, files with malicious code embedded and executable files. There are many different providers for this service and all of them have their flaws.
Having a network firewall in place is a critical item. Using the big box store network gear is not a sufficient method of protecting your data. When purchasing a firewall, I look for the vendor to have a robust product lifecycle program. Threats are changing every minute and the provider needs to keep up. The features I look for in a firewall are DDos Protection, Security Heartbeat, Content Filtering, Gateway Antivirus and the basic set of firewall rules and capabilities. The firewall is the gateway into your network and needs to be fortified.
The security heartbeat is generated from two of the items listed above. The Antivirus and the Firewall. The security heartbeat is important because it establishes a line of communication between the workstation and the firewall. If a workstation becomes infected, the firewall will reject its traffic and notify all the other workstations to reject it as well. The lateral movement of a virus is prevented in a matter of seconds.
Your company’s data is one of the most valuable assets and it needs to be protected. There is not a way to say that you are protected to a 100% level of certainty, but the task of hacking your network will become much harder. The security measures mentioned above should be installed and maintained by a professional. A company that works with these solutions on a daily basis. Cloud Technologies is a Birmingham tech company and a managed services provider for small business. They also provide services like hosted voip (cloud phone system) and virtual servers. For more information: