During National Cybersecurity Awareness Month, we’re focusing on “back to basics” security. Here’s the third of our posts related to this year’s theme: “Own IT. Secure IT. Protect IT.” Previously we covered Own IT and Secure IT. Now we turn to the category of Protect IT. Here’s some more of our best practices security advice.
If You Connect, You Must Protect
You likely have automated updates enabled on your operating systems. Are you running the most current version of your web browser? If you’ve turned automated updates off for any reason on any Internet-connected device, you’re simply gambling. It’s only a matter of time before a criminal finds your unpatched systems. Automated updates are usually enabled by default, but users may turn them off because they don’t like waiting for updates to complete. Make sure these are turned on.
Another basic protection is security software. Antivirus protection is good, but signature-based protection that looks for known malware is no longer enough. So-called zero-day attacks — malware for which no signatures have been created — are a serious threat, and most ransomware attacks fall into this category. Much better than simple antivirus is a full-featured endpoint security suite that includes application whitelisting. This means that only known applications are allowed to execute on the machine, so even if a criminal manages to plant something, it won’t be allowed to run.
Stay Protected While Connected
Business Wi-Fi connections are often protected by a passcode that everyone shares. It’s a huge temptation to share the code with any visitor who asks. Even more ominously, a terminated employee has the key to wreak havoc on your network. A better option is to enable single sign-on using a protocol called RADIUS, which allows the same set of network credentials used for other services to grant Wi-Fi access, too. This means one combination of username and password unlocks access to the device, Wi-Fi, email, and other network accounts. This prevents passkey sharing, and deleting a terminated employee’s username and password locks them out of access completely.
Outside of the office or when traveling, public Wi-Fi hotspots in airports, coffee shops and hotels are very convenient, hugely tempting, and enormously risky. Require employees to use a VPN when using public Wi-Fi to connect to the office network, access files stored in the cloud, check their email, or any other instance when they might be accessing sensitive data. Better still is to avoid the public Wi-Fi altogether and use a mobile device hotspot instead.
If You Collect It, Protect It
Regardless of the number of security measures you have in place, an encryption solution adds an extra layer of protection for sensitive information. Modern encryption solutions are essentially transparent for users, and can protect email messages as well as data stored on servers, in the cloud, or on removable drives. You can protect individual files, certain designated folders, or an entire hard drive. If a laptop or removable drive is lost or stolen, encryption renders the sensitive information unreadable.
During National Cybersecurity Awareness Month, we encourage you to take a closer look at your security measures and address any vulnerabilities. The best protection of all is to engage our SOC-as-a-service offering that actively monitors your environment for security issues 24/7. Contact us, or call 877-284-7789 to see how we can improve your cybersecurity posture.