It goes without saying that computers are the hearts of our businesses. When they are working smoothly, we take our reliance on them for granted. For those unlucky enough to have a security incident take down their network, the impact of a business losing access to their system is crippling. In recent times, it is no exaggeration to say that without proper planning, the likelihood of being impacted is very high, and the impact to the business if it does occur is extreme, to the point of the business breaking. For example, the past 2 years have seen a dramatic increase in CryptoLocker-style virus attacks. The CryptoLocker virus irreversibly encrypts a company’s files, and asks for a ransom to retrieve them. Without proper protection and backup, you could lose everything.
That is why investing in the security of your network is ESSENTIAL. It is no longer a nice-to-have, something that bigger companies do, or something to get around to later after the other stuff is sorted. It should be a priority for every business owner right now. So to help with the process, we have compiled a list of the most important things you need to be doing to protect your computer and network from today’s security threats:
- Educating and building security awareness amongst staff
- Installing and monitoring Anti-Virus and Anti-Malware
- Ensuring that patches are installed regularly and promptly
- Restricting administrator privileges on computers in your network
- Ensuring you have proper network security installed
- Planning, configuring and testing your backups
It would be good to mention here that there is no “one” thing that stops or prevents all threats. Proper, robust security is achieved through something called “defence in depth”; configuring multiple layers of security to ensure it is as hard as possible for the bad guys to cause damage.
Implementing all the suggestions below will significantly decrease the likelihood of a successful, damaging attack and will give you peace of mind that your network is as secure as it can be.
Education and Awareness
It’s a mistake to assume that all you need to ensure safety against security threats is the latest technology or the best anti-virus program. The weakest link in any network is PEOPLE. Even the most sophisticated security setup could turn out to be the most susceptible to attacks if staff members are not well educated and are not aware of the threats they face. In order to effectively protect yourself and your business, you need to ensure that employees receive appropriate training and awareness about security threats.
Understanding security basics
Teach your staff the basics they need to know in order to protect themselves and the organisation against security attacks. Set clear expectations and processes on what staff should do when they encounter something suspicious.
Employees need to be aware that hackers are constantly developing strategies to trick them into infecting your network. This could happen by sending them an email which appears to be legitimate, but may have a malicious link or attachment. The best defence against this is teaching your staff the techniques to identify suspicious communication and activity, and to instill a culture of approaching anything that is unusual or unexpected in a skeptical manner. Flagging anything suspicious to us (your technology provider) or your co-workers could potentially stop a nasty virus infection.
If you have identified this as a need within your organisation, Enee can provide staff training and resources to ensure that all staff have the tools and knowledge to deal with potential security breaches.
Our most obvious item in the list is Anti-Virus (AV) software! Unless you haven't used a computer much in your life, it’s likely you know what it’s all about. AV is software that attempts to prevent, detect and remove viruses and other malicious software. It is an essential component of overall security (yes, even if you do use a Mac!).
There are some pitfalls that you must avoid to ensure that your AV is doing the best job it can do...
Constantly update your AV software
To ensure that your AV is working effectively for you it is necessary to ensure that the software is constantly being updated.
New threats are detected by security companies every day, and hackers are working equally hard to try and find ways of bypassing AV software. This cat and mouse game will never end, which means you must never stop updating, daily!
Your network is only as strong as your weakest link
Every workstation and server on your network should be protected with AV. Any computer on the network without AV installed becomes the weakest link and could easily allow unwanted viruses to enter the network.
Ensuring that all devices are protected, and are constantly up to date is a challenge, but it is essential.
What about this thing called Anti-Malware?
It's confusing, we know! Technically viruses are only one type of malicious software (designed to spread and replicate), but there are other types of malicious software that exist. Malware is a broad term for software that is bad for you!
Most reputable brands of security software look to block all types of malware, but some anti-virus software is just for viruses, and some anti-malware software is just for specific types of malware (e.g. adware or spyware prevention).
Patch management is essentially the process of keeping the operating system and applications such as Java, Adobe PDF (etc) up to date.
By nature, programs are buggy and imperfect. As a result, vendors find issues and release constant updates. Unfortunately, there are a number of malicious actors at the far reaches of our world that work tirelessly to find and take advantage of these bugs and imperfections - trying to find a way to take over your computer and cause damage.
Therefore it is vitally important that all workstations and devices are constantly updated, otherwise computers become vulnerable and susceptible to attacks.
For example, suppose you haven’t updated Adobe PDF Reader recently. You, or an unsuspecting staff member, may receive a PDF document via email from what looks to be a legitimate sender. Unbeknown to you, the PDF is infected with a virus that takes advantage of your un-patched Adobe PDF reader! As a result, your computer is now infected with a virus.
As you can see, patch management is an essential component in ensuring you are protected.
Enee can also help with patch management for your business. We can ensure that both Windows AND third party programs are patched up regularly, as well as monitoring your computer for patching issues 24/7 to make sure every device is covered and up to date.
Now this one is a little bit more complex than the points above… but it is important! So please read on.
You may notice that when you are making changes to your computer (e.g. installing a new program), Windows will sometimes prompt you, saying “This program is trying to make changes to your computer”. This is Windows trying to warn you that the program that is running is going to do something that only Administrators should do.
An Administrator is a type of user that has access to change (or delete) all the files and settings on your computer. This is needed by professionals (like us!) to make appropriate changes, install programs and maintain the computer. But this level of access to a computer can also be used by a virus or malicious person to wreak havoc!
As a day to day user of your computer, you don't need those privileges to do your work and neither do your staff. Therefore, in order to be as safe as possible, you should make sure all users in your network are NOT Administrators.
You should make sure that Administrator access is strictly limited to appropriate staff on every computer on your network. Enee can help to ensure that this is done, and can monitor and regularly review the users that have Administrator privileges on your network, to ensure you are safe.
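One way to run the regular review described above, as an added example (not Enee's own tooling): a PowerShell script that lists members of a computer's local Administrators group that are not on an approved list. The account names in `$Approved` are hypothetical placeholders, and the script assumes Windows PowerShell 5.1 or later on English-language Windows.

```powershell
# Added example: list local Administrators members that are not on an approved list.
# The names in $Approved are hypothetical placeholders; replace them with your own.
$Approved = @(
    "$env:COMPUTERNAME\Administrator",   # built-in local account
    'EXAMPLE\Domain Admins',             # hypothetical domain group
    'EXAMPLE\it-support'                 # hypothetical IT support account
)

function Get-UnapprovedAdmin {
    param(
        [Parameter(Mandatory)] [object[]] $Member,
        [Parameter(Mandatory)] [string[]] $Approved
    )
    # -notin compares strings case-insensitively, matching Windows account names.
    $Member | Where-Object { $_.Name -notin $Approved }
}

# 'Administrators' is the group name on English-language Windows.
$members    = Get-LocalGroupMember -Group 'Administrators'
$unexpected = @(Get-UnapprovedAdmin -Member $members -Approved $Approved)

if ($unexpected.Count -gt 0) {
    # Show who they are and where the account comes from (local, domain, ...).
    $unexpected | Select-Object Name, ObjectClass, PrincipalSource | Format-Table -AutoSize
    Write-Warning "$($unexpected.Count) account(s) hold Administrator rights but are not approved."
} else {
    Write-Output 'Local Administrators group matches the approved list.'
}
```

Run it from an elevated PowerShell window on each computer, or on a schedule, and investigate every name it reports.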
Although most of us are quite familiar with the internet and its potential pitfalls, it can still be a dangerous place for even the most experienced of users, which can put your network in a vulnerable position when it comes to your security.
You need multiple layers of network security to ensure that you are appropriately protected from today’s threats. While this is a very large topic, and can get quite complex, we often recommend two network security options as a minimum!
- An appropriate firewall
- Domain Name filtering
We will keep it brief and as simple as possible for you.
A firewall is a device (sometimes included in your router, but maybe not!) that is designed to filter internet traffic in and out of your office, and protect you against threats.
Domain Name filtering is a little bit more complicated, but stay with us! A domain name is the address you put into your browser. For example - google.com is a domain name. Domain name filtering is a system that STOPS malicious domain names from loading within your network.
Together, firewalls and domain name filtering services pack a big, strong security punch, and protect you and your network from a very wide variety of online threats.
Last, but definitely not least, are backups. Regularly taking backups of all of your data, storing your data offline, offsite, and regularly testing the restorability of your backups is critical.
There are three things you need to make sure of when setting up or reviewing your backups.
Is everything covered?
Are all your important files and folders backed up? What about all your applications? Is your whole server backed up, or just a small set of files? What about your workstation, where there are a couple of important files you haven’t saved to the shared drive yet?
What about that cloud application we use for our Accounting? What happens if that were to go down?
Ensure that everything that is critical to your business is covered by backup.
How often are you backing up?
Think about the data that is generated every day by your business. Think about the time and effort involved in creating that data, and how long it would take (if it is possible at all) to reenter or do it all again.
If you lost everything right this moment and you had to restore from the latest backup, would you be comfortable losing a whole week's worth of work? What about a day? An hour?
These are the questions that you need to ask to determine how often to back up. If your business would crumble if you lost a full day of effort, you probably need to think about hourly or half daily backups.
Where is the data located?
Best practice is to store your data by the 3-2-1 rule. This rule states that you should have 3 copies of your data, on AT LEAST 2 different media (read: devices), and one should be off site. A common setup is:
- Live data on the server, protected by Windows Shadow Copy. This ensures that if something isolated happens to a file or folder, you have your data close by and easily accessible to restore as quickly as possible
- Backup to an external hard drive. This could be an external hard drive directly connected to your server / computer, or a Network Attached Storage (NAS) device. This protects against system failure. If something were to happen to the running hardware of your live system, you have your data separated and safe, but still close by - ready to restore as quickly as possible.
- Offline cloud backup. Having a copy of your data automatically backed up to a secure offsite location, to protect against an extreme physical event (fire) or extreme security event (CryptoLocker).
Test, test, test…
If you don’t test your backups, you might as well not back up at all. It would seriously surprise you if you were to know the number of businesses (large and small) who thought they were protected by backups… until they needed to restore from backup, and realised nothing was there. If you do not test, you do not know if you can restore. TEST, AND TEST OFTEN.
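A restore test can be checked file by file rather than by eye. The PowerShell below is an added example, not part of the original article or any backup product: it compares a test restore against the live folder using SHA-256 hashes and reports files that are missing or different. The function name, folder names and file contents are constructed for the demonstration.

```powershell
# Added example: verify a test restore against the live data, file by file.
function Compare-RestoredTree {
    param(
        [Parameter(Mandatory)] [string] $SourcePath,
        [Parameter(Mandatory)] [string] $RestorePath,
        [datetime] $BackupTime = (Get-Date)   # when the backup being tested was taken
    )
    $src = (Resolve-Path -LiteralPath $SourcePath).Path
    $dst = (Resolve-Path -LiteralPath $RestorePath).Path

    foreach ($file in Get-ChildItem -LiteralPath $src -Recurse -File) {
        $relative = $file.FullName.Substring($src.Length).TrimStart('\', '/')
        $restored = Join-Path $dst $relative
        if (-not (Test-Path -LiteralPath $restored -PathType Leaf)) {
            $status = 'MissingFromRestore'
        } else {
            $liveHash    = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
            $restoreHash = (Get-FileHash -LiteralPath $restored -Algorithm SHA256).Hash
            if ($liveHash -eq $restoreHash) { continue }   # restored copy is identical
            # A file edited after the backup ran is expected to differ.
            $status = if ($file.LastWriteTime -gt $BackupTime) { 'ChangedSinceBackup' } else { 'ContentDiffers' }
        }
        [pscustomobject]@{ File = $relative; Status = $status }
    }
}

# Constructed demo data: a "live" folder and a deliberately faulty restore of it.
$root = Join-Path ([IO.Path]::GetTempPath()) ("restore-test-" + [guid]::NewGuid())
$live = (New-Item -ItemType Directory -Path (Join-Path $root 'live')).FullName
$rest = (New-Item -ItemType Directory -Path (Join-Path $root 'restored')).FullName
Set-Content -Path (Join-Path $live 'invoice.txt') -Value 'invoice 1001'
Set-Content -Path (Join-Path $live 'payroll.txt') -Value 'payroll March'
Set-Content -Path (Join-Path $live 'notes.txt')   -Value 'meeting notes'
Set-Content -Path (Join-Path $rest 'invoice.txt') -Value 'invoice 1001'
Set-Content -Path (Join-Path $rest 'payroll.txt') -Value 'truncated'
# notes.txt is intentionally absent from the restore.

# Reports payroll.txt as ContentDiffers and notes.txt as MissingFromRestore.
Compare-RestoredTree -SourcePath $live -RestorePath $rest | Format-Table -AutoSize
Remove-Item -LiteralPath $root -Recurse -Force
```

For a real test, restore the backup to a scratch folder, pass the time the backup was taken as `-BackupTime`, and treat any `MissingFromRestore` or `ContentDiffers` row as a failed test.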