How do I secure my computers?

This week the US Department of Homeland Security predicts an increase in cyber attacks due to the evolving crisis in Ukraine. Such Russian-backed state-sponsored attacks will focus not only on our infrastructure and governments but on small, medium and large businesses and law enforcement agencies as well. What can you do?

Even federal government networks suffer breaches from state-sponsored attacks. So what can you, a business owner, do in face of such challenges? Actually, a lot. Don’t be that low-hanging fruit, ripe for picking. Putting up some basic defenses can go a long way, most of which will not cost a lot of money. Different layers of defense is the key to protecting your network.

Defense #1: Patching and Updates

It seems like every week there is a new update or patch for Windows. Well, they actually do come out almost every week, we call it “Patch Tuesday”. Many of those patches and updates include critical security improvements tucked in among other enhancements. UPDATE YOUR COMPUTER WEEKLY. Yes, Macs need to be updated as well.

Defense #2: Use 2FA or MFA

Two-factor (2FA) or multi-factor authentication (MFA) can be a little inconvenient, but when people overseas can possibly access your data, it provides a lot of protection. A 2FA app on a smart phone is the best option but you can also purchase a Yubikey if you don’t want to use a smart phone. Having a code sent via text to your phone is also an option but not as secure.

Defense #3: Use a Password Manager

A password manager, once setup, is a beautiful thing. Now all your passwords can be unique and complex. The cost is nominal and the time savings it offers is huge. Be sure to protect your password manager with 2FA!

laptop being encrypted

Defense #4: Offsite Backups

The key to recovering from ransomware is a really good backup. To ensure a successful recovery, here are the features your backup should have:

  • – at least 3 months of data retention (can you recover data that is 3 months old?)
  • – 256bit or better encryption
  • – stored off-site, ideally in the cloud
  • – accessible only through a separated system, ideally in the cloud, with a unique username and password, protected by 2FA
  • – test restores that are performed regularly, ideally daily

Defense #5: Cyber Awareness Training

The majority of all successful ransomware attacks are performed through attacks directly on employees. Its no surprise since employees are the weakest link in your layers of security. Fortify your defenses by enrolling your staff into cyber awareness training. A good cyber awareness program will offer weekly micro-trainings on the latest scams, hacks and phishes, plus a newsletter with helpful tips. Turn your weakest link into a strong wall with training!

Need help?

We help businesses with securing their IT as well as setting it up and managing it. If you’re struggling with putting together a defense plan for your organization, please give us a call at (859) 245-0582 or use the handy “Schedule time with me” button in the bottom right corner of your screen. We will do a free consultation to learn more about your organization and the unique IT challenges it is facing.

Posted in

Tracy Hardin

Tracy Hardin is President and founder of Next Century Technologies in Lexington, KY. She has a bachelor's degree in computer science from the University of Kentucky and has earned certifications from Novell, Cisco and CompTIA. Her specialties in the field of IT are network design and security, project management and improving productivity through technology. She loves helping people by sharing her knowledge of tech.