Even federal government networks suffer breaches from state-sponsored attacks. So what can you, a business owner, do in the face of such challenges? Actually, a lot. Don’t be that low-hanging fruit, ripe for picking. Putting up some basic defenses can go a long way, and most of them will not cost a lot of money. Multiple layers of defense are the key to protecting your network.
Defense #1: Patching and Updates
It seems like every week there is a new update or patch for Windows. Well, they actually do come out almost every week; we call it “Patch Tuesday”. Many of those patches and updates include critical security improvements tucked in among other enhancements. UPDATE YOUR COMPUTER WEEKLY. Yes, Macs need to be updated as well.
Defense #2: Use 2FA or MFA
Two-factor (2FA) or multi-factor authentication (MFA) can be a little inconvenient, but when people overseas can possibly access your data, it provides a lot of protection. A 2FA app on a smartphone is the best option, but you can also purchase a YubiKey if you don’t want to use a smartphone. Having a code sent via text to your phone is also an option, but it is not as secure.
Defense #3: Use a Password Manager
A password manager, once set up, is a beautiful thing. Now all your passwords can be unique and complex. The cost is nominal and the time savings it offers are huge. Be sure to protect your password manager with 2FA!
Defense #4: Offsite Backups
The key to recovering from ransomware is a really good backup. To ensure a successful recovery, here are the features your backup should have:
- at least 3 months of data retention (can you recover data that is 3 months old?)
- 256-bit or better encryption
- stored off-site, ideally in the cloud
- accessible only through a separated system, ideally in the cloud, with a unique username and password, protected by 2FA
- test restores that are performed regularly, ideally daily
Defense #5: Cyber Awareness Training
The majority of successful ransomware attacks are carried out through attacks directly on employees. It’s no surprise, since employees are the weakest link in your layers of security. Fortify your defenses by enrolling your staff in cyber awareness training. A good cyber awareness program will offer weekly micro-trainings on the latest scams, hacks and phishes, plus a newsletter with helpful tips. Turn your weakest link into a strong wall with training!
We help businesses with securing their IT as well as setting it up and managing it. If you’re struggling with putting together a defense plan for your organization, please give us a call at (859) 245-0582 or use the handy “Schedule time with me” button in the bottom right corner of your screen. We will do a free consultation to learn more about your organization and the unique IT challenges it is facing.