Welcome to this month’s blog post. Today I am going to discuss cyber security: what it is, why you need it, and how you can implement it.
Let’s start with the basics. Cyber security is the set of measures your business takes to protect its electronic data. This used to be as simple as having a decent anti-virus program installed on your computer. Unfortunately, this is no longer the case. Nowadays businesses are spending vast amounts of money to keep their data secure and their staff working.
To understand why you need to have cyber security in place, let’s have a look at what the threats are to your business.
Corporate Data Theft
As the global economy kicks into full gear, your business is no longer competing with just the guys down the road; you are now up against everybody in your industry who can service clients in your area. This has led to a huge increase in corporate espionage. Not only are there people trying to steal your ideas, but you now have people looking to steal your client lists.
Stolen client data is used in one of two ways. One is that the thieves look to take over your customers; the other is that they contact your current clients with new banking details and get the clients to pay them instead of you. We know of several businesses that this has happened to, and unfortunately a couple of those had to close their doors after that.
Ransomware and Viruses
Viruses have been around for as long as I have been in IT. They infect your computer and then will either delete all your data or will steal information and pass it back to the creator. The one thing all viruses have in common is that they look to spread to other computers. Luckily a good anti-virus program and some decent corporate policies can limit the exposure your business has to these.
Ransomware is the new trouble child on the block. Much like a virus, it will spread to as many computers on your network as possible. Then, at a predefined or remotely triggered time, it will encrypt all your data and demand payment to decrypt it. There are entire syndicates who devote themselves to this, and it is becoming more prevalent by the day.
While it may seem strange to think of this as part of cyber security, the physical theft of devices and information is still happening all around the world. Dumpster diving is the act of going through a company’s trash to get passwords or other information that can be used to gain access to a company network.
Does your computer require a password to log in? It is amazing how many business computers have either no password or a password along the lines of Password123. Make sure that your computer is password protected and that the password is strong enough that it won’t be cracked in 5 minutes if your computer is stolen.
How can you protect yourself?
The fundamental building block of any cyber security system is a decent anti-virus. We recommend either ESET or Trend Micro. No business should be running a free anti-virus program. The threat databases of the free versions are not as up-to-date or comprehensive as those of the commercial versions.
The new commercial anti-virus programs will not only keep your computer safe but will also protect you against threats on your local network. This is particularly helpful if one of the other computers on your network gets infected.
A good firewall is a must for any business running a local network. The primary role of the firewall is to stop unwanted external traffic from getting onto your local network. While this may sound like quite a simple thing to do, external attackers will look to exploit any opening that they can find. Modern firewalls not only block the common attacks but, with the new intelligent software that they are running, also act as the first line of defence in keeping viruses and malware off your network.
The adage of prevention being better than the cure is as true today as ever. Mail security solutions offer active protection for both you and your clients from threats like phishing, spoofing and 0-day malware. The one we use is also GDPR compliant.
A Security Operations Center (SOC) and a Security Incident and Event Management (SIEM) platform are two key components of your data security solution. While they are stand-alone elements, they work best when combined.
The data generated by the SIEM is filtered across to the SOC, and from this, real-time reports are generated for your IT team. It would then be their responsibility to implement the fixes to the issues raised by the SIEM.
The SOC feature can be automated to provide a seamless SOC/SIEM dashboard for your IT team to monitor.
What happens when something goes wrong?
As much as we would love to tell you that you are never going to be a victim of a hack or data breach, that simply is not true. While all the measures we have discussed above are designed to minimise the chance of you becoming a victim, you still need to plan for what happens when you do become one. Think worst-case scenario.
A quality backup solution is your first step in any IT disaster recovery plan. The intelligent backup solutions available these days can be tuned to allow as little data loss as possible. Do note that the lower the data loss, the greater the impact on your productivity, as it requires system resources to create and run the backup each time.
An air-gapped backup is also a good idea for any business. This is basically a backup that, once completed, is removed from the network so that it cannot be infected by new malware that may make it onto your network. Again, planning needs to go into how regularly these backups are done, and how many versions you need to store.
Any backup is only as good as the quality of the restored data. To this end, make sure that your backups can be restored. One of the big benefits of running regular restores is that it gives you a good indication of how long it will take you to get back up and running in the event of a disaster.
We have touched on just a few of the elements of a comprehensive Cyber Security strategy. These are to us the most important elements, but this is an ever-changing field and so too are the solutions available. Unfortunately for many businesses, this is a reactive industry, and while security experts are always at work trying to make your data safe, the hackers are also looking for new ways to gain access to your data.
Thomas Capitao (owner of the Mail Exchange)
083 445 2183