I've written this post while trying to keep the subject straight forward and accessible. It's aimed at small businesses that are looking to make fundamental changes to their systems and processes to keep their business environments cyber safe.
Disclaimer: Any opinions that I offer are my own and must be treated as such. DM IT Support or any associated individuals take no responsibility for the information provided and impact of its use. DM IT Support cannot be held accountable for any actions taken as a result of the information provided - use it at your own discretion!
As a business owner (and I appreciate this differs from country to country) it is highly likely that you have a responsibility to yourself, your staff, and your customers to keep your data safe. Cyber Security (or IT Security) isn't straight forward, and you're probably far more interested in running your business than thinking about IT, so the below may help you address key security concerns a little quicker. I've broken them down into elements that hopefully are easy to understand. The subjects mentioned are what I believe to be the most important.
Computer Security (Antivirus)
We're very much used to hearing about computer antivirus products - they've come a long way and these days they include lots of security features to keep your computers safe. Antivirus products are generally considered Endpoint Security products and typically include the following features:
Antivirus (to detect and stop viruses that are running, or are trying to run on your computer).
Mail Security/Anti spam (to detect unsolicated emails or emails containing malicious content or viruses and either delete or contain them).
Local/Personal Firewall (to control the internet and network traffic on your computer. This can stop a virus or malware trying to communicate).
So which product do you select? Firstly, you'll want to run the same Endpoint protection on all of your computers, and make sure there isn't any other Endpoint/antivirus programs already running on your computer. If there is, uninstall them first.
If you have a server, you may require a slightly different product than the one you purchase for your computers.
Gartner research provides the following information on Endpoint Security products:
Experience and current thinking points me towards either Eset or Panda products. I find their virus/malware detection abilities to be superior to other vendors and that's what's really important. My primary concern when thinking about the best Endpoint Protection is which can quickly identify and stop a threat that hasn't been seen before.
You can purchase any of the following using these links:
Once you've installed your new Endpoint protection it would be beneficial to run a full scan and check the results. After that, restart the computer(s) and check to see if any other malware or viruses have been detected and removed.
One of the easiest way for a hacker to gain access to your IT systems is through you clicking on malicious links in unscrupulous emails. It's so important to be vigilent when using email. Ask yourself, were you expecting the email? Is it well written or quite vague? Is there a way you can independently verify what's being said in the email. For example, if it looks to have come from someone you know but you're unsure about the email; then contact that person face to face or over the telephone using a phone number you know to be legitimate.
Often these emails will look to be from a reputable source, and there's ways in which to identify phishing emails, but I'll address these in a different post.
In a perfect world, it would be great if these emails never get through to your inbox at all, so it's important to invest in systems that help you achieve that goal. Unfortunately, even the best email providers aren't perfect, and unsoliciated emails will still sometimes slip through the net, but the below providers may help reduce your risk.
Microsoft's Exchange Online hosted email plan combines a quality email service with strong email security. It'll allow you to use your own domain (e.g. sarah@mywickedawesomecompanyname.net) too.
Gsuite from Google is a similar service, again, incorporating quality email security and the ability to use your own domain.
Links to both service:
I'll write a seperate post on how to simply setup business email addresses.
Router
Your business router may provide your WiFi, and also your external facing firewall. Essentially the router acts as the gatekeeper, passing and controlling traffic between the internet and the computers within your your company network.
There are a number of factors to keep in mind about your router.
Check the router fireware is up to date. Vulnerabilities are regularly found in computer systems, including routers, and if you don't update the firmware on your router, a vulnerability in it may be exploited.
Check that your WiFi connections are passworded.
Check that your WiFi service is using the latest encryption protocols. WPA2 AES is one of the strongest at this time.
Check that the firewall is running and that unnecessary ports are closed. Ports can be considered doorways in and out of your computer network, and any unused ports should be kept closed if they're not used.
I appreciate checking some of these settings is quite a technical task, but I wanted to highlight the important areas of concern. If you're business router is quite old, it may be worth contacting your internet service provider and asking for their latest model, as this will likely be relatively up to date and using the latest protocols to enable better security.
Back Ups
If the worse comes to the worst and you suffer a major cyber incident that impacts your files/data, you're likely going to want to have backups of your healthly data. Small businesses may benefit from cloud backups, and on site backups.
Cloud backups are essentially backups of your data kept with major storage providers. Your data is uploaded to their servers and they use resilience and redundancy measures to ensure your backups are consistent and kept available.
It is important to check that the cloud backup provider you choose encrypts your data when it is in transit, and when it is being stored. This is to ensure that if the data is stolen, that it is unreadable by the hacker.
On site backups will likely use external hard drives. Your server or NAS will likely allow you to, or include features to backup your data to external hard drives. The encryption principle applies here too. Ensure that your backed up data is encrypted, so if the external hard drive is lost or stolen, the data is unreadable. Multiple external hard drives could be used in an alternating pattern, with one copy kept away from your office at a secure location, while the other is being used for the latest backup.
Comments