Having read several articles and publications relating to cyber security lately, there are common threads in most.

We are taking this opportunity to supply a simple view of five key elements. 

Backing up your data 

Not all data needs to be backed up, so we need to find data that is fundamental to your business. This is the “must have” data and your backup process and procedures must ensure your valuable data is protected. 

The backups must be separate from your operational data, must not be easily accessible and should where possible have a copy off-site. Cloud options are readily available and may offer a more cost-effective solution for small businesses. 

Furthermore, we recommend that the backup processes are automated, become a regular activity, and plans must be in place to evaluate your recovery processes. 

Protect your environment from malware 

To protect your environment from malware, we recommend that a managed EDR (Endpoint Detection and Response) offering be implemented. Application patch management should form part of the malware defences as well as the ability to control and manage all external drives and USB usage. We also recommend that you investigate solutions that incorporate managed firewalls and web filtering thereby regulating the ability the download harmful applications. 

Use passwords to protect your data 

We feel that it is necessary to enforce password protection on your devices. There are many password applications that can be deployed to ensure compliance whilst offering the ability to manage passwords. 

We also recommend you use of enforce Multi-factor Authentication (MFA). 

Where possible, do not enforce regular password changes! This creates confusion for your users and leads to predictability. 

Smartphones & tablets safety measures 

Mobile devices are key components of today’s always connected, always on world we live in.  

Irrespective of BYOD or company owned devices; we recommend that password; pin protection is enabled. Biometrics is the preferred choice if possible. We also recommend that you enhance the security of your business by enabling device tracking, remote locking, and device wipe technologies. 

Patch management should once again form part of your strategy, so that operating systems, security and applications are up to date. 

It may even be possible to regulate that your users do not connect to unknown Wi-Fi hotspots but use their own mobile hotspot on 4G/LTE/5G to connect. 

Avoid spoofing and phishing attacks 

DMARC is a key element to any Cyber Strategy and as such must be included in your future. Not only will you protect your domain from spoofing, phishing, and email impersonation attacks, you will protect you brand reputation and improve email deliverability.  

References – various websites including: NCSC.gov.uk and Sendmarc.com   

New Cyber Security Legislation and Its Impact on Your Insured Clients

Read more

Why Are Cyber Insurance Claims Denied?

Read more

Why a Fractional CISO Could Save Your Business

Read more

Why Every Business Needs a Holistic IT Managed Service 

Read more

Safeguarding Your Business from Email Compromise in Six Easy Steps:

Read more

How to create a cyber placement strategy for 2024

Read more

Selling Cyber – Creating A Kick-ass Sales Process

Read more

Transforming Cyber Insurance: The Infoprotect Revolution

Read more

Why Move to the Cloud ?

Read more

Cybersecurity Insurance

Read more

Managing Human Risk in Phishing

Read more

10 STEPS to CYBER RESILIENCE

Read more

Take the fight to email impersonators

Read more

Cyber Insurance – MFA and SaaS

Read more

Phishing – Lets Educate & Upskill the users

Read more

Answer yourself truthfully… Can your business afford LAN/WAN downtime?

Read more

Into lockdown & post Brexit: Business as usual for Infoprotect UK.

Read more

The Hidden costs of cybercrime over and above the economic impact.

Read more