21 Oct Knowing Your Cyber Threats – The Defences

As we explained in our previous article, cyber criminality is on the rise – this means that, more than ever, it should be a key concern for you and your team. We have already explored two of the most common forms of cyber attack that utilise the user as their bridge to your data. In this article, we will explore your role as management in the security of your systems.

Firewalls

A Firewall resides on the edge of your network and acts as a barrier between your ‘trusted’ network and the internet. This can be hard to understand, so let’s explain it in a simpler way. Imagine a bar with a bouncer on the door, for example – the bouncer is the Firewall of that bar, he monitors who is entering and permits access to those allowed and when access is not permitted he shuts them out.

So, by the Firewall refusing access, it stops a cyber criminal from being able to gain control or visibility of your data and systems – whilst simultaneously allowing access to those external to your network that have been granted permission.

How do I work a Firewall?

For smaller businesses, with just a few devices, it is possible to implement a Firewall at the device level. A Firewall working in conjunction with other measures such as anti-malware software – alongside the due diligence with your patch management, and an educated staff team – should put your organisation in good stead to improve network security. We will explore some of these later in this article.

Unfortunately, at a larger business device level Firewalls simply wouldn’t do the job due to the impracticalities in managing them properly. This means they require the use of boundary Firewalls. You should instead, at the very least, invest in a physical or cloud-hosted Firewall server.

Access controls

The user accounts in your organisation allow or disallow access. Access to any information should be limited to the status of that member of the team – never allow access to anyone who does not need that information. Once access is granted, this can be gained to that set level on any device, subject to those access and security settings. Doing this massively reduces the risk of information being stolen, damaged, and lost.

Accounts with special access privileges must be protected at all costs! The consequences of one being compromised could be business-defining and affect the entire business for a long time to come. These accounts can also be exploited with the sole intention of facilitating a large-scale attack at a later date, when the cyber criminal will gain access but lay dormant waiting for the optimum time to strike when you and your team aren’t prepared. One of these large-scale attacks could deem your business unsavable or – if still operable – at the very least cause long term detrimental effects to the reputation, your bottom line, and the functionality of your organisation.

To put it as simply as possible, only give access to authorised personnel to the point at which is required for them to complete their job role – if you don’t the consequences could be disastrous.

Malware protection

Malware is software that is designed to cause problems or damage to a computer or server. Malware is in some way the most common form of computer virus – the virus attacks your software and then clones itself before sending copies of itself to any computer or device that is associated with the original target.

How do I fight against Malware?

Malware is unpredictable. If unchallenged it has the power to render your business unfunctional, but there are measures that you can take against it – let’s look at those now:

1. Only use manufacturer-approved apps – Apps that are purchased from unknown/untrusted sources probably haven’t been checked for Malware! Teach your users the damage of purchasing apps from these sources. Luckily there are sources that are manufacturer-approved, which are trustworthy, and widely safe to use. These include the Apple App Store and Google Play, both of which are constantly monitored to ensure that they are safe to use and pose very little Malware risk.

2. Install Anti-virus software on ALL computers! Although most come with a free version, they are often basic and won’t be of much use against a pre-planned sophisticated cyber attack.

3. Use a Sandbox. No, we don’t mean take your computer to the local park with you – in computing terms, a Sandbox is an isolated environment within a network that operates separately from the main network. Running your apps here stops them from communicating with other parts of your network or device, in turn keeping them out of harm’s way.

Data backup

With cyber criminality on the rise, you must be prepared for the worst-case scenario, and having an effective data backup strategy is essential.

We recommend using the 3-2-1 backup rule; you need 3 copies of your data, 2 of which should be kept on some sort of separate storage media and the other one should be stored offsite for disaster recovery purposes. Like anything, spreading resources across multiple locations ensures continuity and makes it less likely that they will all be under attack at once.

As the adage goes, don’t put all your eggs in one basket – this is referred to as ‘data risk management. This method is beneficial for many reasons. It isn’t just in the eventuality of a cyber attack that these data backups could come in handy – data compromising events come in a variety of different forms (hardware could fail, there could be a fire, a flood, or any variety of natural disaster) – so having a plan in place to ensure data recoverability could essentially be the difference between your business shutting its doors forever and you simply having a few hours of downtime.

Data backup – where to start

Most businesses require a personalised tailored approach and, with there being so many backup options available, it can make it very difficult to say, ‘This is how it’s done’, because every business is different and will employ a different way of doing things. Here are some basic rules to follow whilst making your own choices around data backup.

1. Cloud storage must be taken advantage of. The Cloud is a cost-effective, convenient, and easily accessible storage option. It is ideal for disaster recovery in the event of a serious disaster.

2. When you keep track of your data it can be beneficial to have more than three different locations for storage. Three is normally the recommended amount, but the more you have then the more protection you have.

3. If possible – and appropriate to do so – keep physical copies of documents. Yes, the world is moving on and for some of us it’s been a long time since we have seen a filing cabinet, but they still have their purposes.

With what you have learnt in both articles you should now know the seriousness of cyber security, some of the ways that cyber criminals go about attacking your business, the ways in which to stop them being successful, and the ways to back up your system in the eventuality that all else fails.

Cyber security guaranteed

Since our conception back in 2005, we at Vostron have operated under a series of predetermined guiding principles, agility, people, and approachability. With those principles adopted wholeheartedly throughout everything that we do, along with our progressive approach in helping our clients to achieve their business goals in the most cost-effective and secure way possible, we are proud to say that we have earned the trust of a loyal customer base across the UK (from our home in Southampton).

Please don’t hesitate to get in contact to find out how we can help you!