No one is above being breached. There are many ways that a breach can happen and there is no one piece of technology that can safeguard your organization, but, there are steps you can take to make sure you are not an easy target. Keep in mind, you don’t have to spend massive amounts of capital on your “cyber defense” posture; it is all about the policies put into place and the enforcement of those policies with your users.
Rob Lammert from our partner, ESET breaks it down into these four important steps:
1. Educate Your Users
Many studies show that the weakest link in your technology environment is actually human error. In their day to day activities, users are bombarded with many infiltration attempts such as phishing scams, infected email attachments or even unsolicited “help desk” phone calls. Educating your users on your security policies and procedures is a big step in preventing an infiltration. Many companies provide educational sessions like “Security Awareness Power Hour” on a regular basis to help users stay educated on how they are to identify and handle threat attempts.
2. Maintain Multiple Layers
Years ago, only having an antivirus product on your endpoints or servers seemed to be all you needed to be secure. In today’s threat landscape, having a multiple-layered approach helps safeguard against holes in one line of defense or another. For example, allowing multiple detection engines and styles, such as Anti-Spam, Anti-Phishing and Anti-Malware, to scan emails prior to them reaching their destination can be quick and easy way to safeguard against many spam or infected emails. This can be done by having an external scanning engine assess the email before it reaches your company gateway, with a final line of defense being on the endpoint to detect anything remaining. Multiple layers of security in each of your data entry and exit points helps make your environment unappealing to hackers, as security layers increase the time needed to infiltrate your infrastructure. Key items to consider for layers are encryption, authentication methods, data loss prevention, and endpoint security products, all of which can work independently or in unison to lock down your infrastructure.
3. Patching & Updating
Operating system and application exploits are among the most common infiltration points for malware and yet are the simplest to prevent. There are many products in the marketplace that can help you with patching your systems and can be deployed within a small time frame. Patching and updating products is not only limited to the common products that you think of such as Microsoft Windows or Microsoft Office, but really all products that your users might interact with such as Adobe Acrobat, Adobe Flash or Java. Keeping your environment up-to-date will go a long way in keeping your environment safe from external attacks.
4. Wash, Rinse & Repeat
Securing your infrastructure is not a project that has a specific completion date or objective; it is an ongoing process that will require you to update your methods as threats become more sophisticated. Many products, such as endpoint security software, do a lot of the heavy lifting for you to keep you (and your business) protected against many existing and “zero day” attacks, but they can’t do all the work for you. Be sure to continually keep yourself educated on the latest threats - as well as techniques to prevent them - as they change frequently; sometimes daily!
There are many fantastic websites out there to help you with this information, like ESET’s security news website, WeLiveSecurity.com. Also, ESET has a variety of free, educational white papers and webinars that cover a variety of security topics.
To find out more about security awareness and what options are a right fit for your organization, contact Network Center, Inc. to setup a free consultation. Network Center, Inc. also offers vulnerability tests to identify security risks in your environment.