Prevent, Protect your Business Today
Protect your Business. If you own or manage a business, a significant challenge facing you is preventing cyber incidents or data breaches caused by malicious or criminal attacks. This article looks at how you can proactively minimise this risk with a managed protection strategy.
The Human Factor
One of the greatest vulnerabilities for an organisation is its staff. People are often targeted by criminals through email. The criminals want your staff to unwittingly click on a malicious link or provide sensitive information such as passwords or, in some cases, payroll information.
The Australian Cyber Security Centre (ACSC), for instance, has received a wide range of incident reports covering things like:
- Fake emails from the Australian Taxation Office requesting tax file numbers.
- Scammers posing as ICT service desk providers and asking for employees' multi-factor authentication credentials.
- Payroll fraud emails asking payroll staff to change bank account details for the next payroll run.
- Fake invoices delivered by email.
One key strategy is to make sure you conduct some awareness training for your staff. Include the topic regularly in any staff meeting so people can share their stories and educate each other.
What to Consider?
The first element to consider is identifying which of your systems are likely to be targeted and what level of protection is required. The protection may include enabling two-level authentication processes, monitoring of all connections by your IT provider, and ensuring all systems have the latest patches. (A patch is a software update; you typically receive a notification to update your software with the latest patch. Many people ignore it, so it is best to have your IT provider monitor this and carry out the patch updates at a time when nobody is at work. This way you have peace of mind.)
Check to see what is visible to internet scanning tools. If it's visible, then it becomes a potential target.
If you have Remote Desktop Protocol (RDP) connections, then either restrict those connections to authorised networks, or even better, disable all external RDP and make those users first connect via a VPN and then use RDP.
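One way to check a firewall rule set against this RDP advice, as an added example that is not part of the original article. The rule format, rule names and authorised networks below are constructed for illustration.

```python
import ipaddress

RDP_PORT = 3389

# Constructed sample: inbound allow rules as they might be exported from a
# perimeter firewall (hypothetical format: name, protocol, ports, source CIDR).
SAMPLE_RULES = [
    ("rdp-from-anywhere", "tcp", "3389", "0.0.0.0/0"),
    ("rdp-from-vpn", "tcp", "3389", "10.8.0.0/24"),
    ("mgmt-range", "tcp", "3000-4000", "203.0.113.0/24"),
    ("web", "tcp", "443", "0.0.0.0/0"),
    ("rdp-udp-branch", "udp", "3389", "198.51.100.0/25"),
]

# Assumption: the VPN pool and one branch office are the authorised networks.
AUTHORISED = ["10.8.0.0/24", "198.51.100.0/24"]


def covers_rdp(ports):
    """True if a port spec such as '3389', '3000-4000' or '80,3389' includes RDP."""
    for part in ports.split(","):
        low, _, high = part.strip().partition("-")
        if int(low) <= RDP_PORT <= int(high or low):
            return True
    return False


def exposed_rdp_rules(rules, authorised):
    """Return names of rules that allow RDP from outside the authorised networks."""
    allowed = [ipaddress.ip_network(n) for n in authorised]
    findings = []
    for name, proto, ports, source in rules:
        if proto.lower() not in ("tcp", "udp") or not covers_rdp(ports):
            continue
        src = ipaddress.ip_network(source, strict=False)
        # A rule is acceptable only if its whole source range sits inside
        # one authorised network of the same IP version.
        inside = any(src.version == net.version and src.subnet_of(net) for net in allowed)
        if not inside:
            findings.append(name)
    return findings


if __name__ == "__main__":
    for rule in exposed_rdp_rules(SAMPLE_RULES, AUTHORISED):
        print("RDP reachable from unauthorised source:", rule)
```

The wide port range in the "mgmt-range" rule is flagged because it silently includes 3389, a common way for RDP exposure to go unnoticed.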
The Essential Eight
The following eight mitigation strategies have been identified by the Australian Government's Cyber Security Centre as being essential in minimising the risk to a business. If you're a business relying on an external provider, then the monthly activities performed should include actions around the Essential Eight strategies to minimise risk.
Application Whitelisting: this is the practice of specifying an index of approved applications that are permitted to be present and active on a computer system. The aim is to protect the computer and the networks from harmful applications. Tasks are to identify and create the whitelist rules and then maintain them monthly.
Patch Applications and Operating Systems: this is the process of updating your software applications with the latest updates from the supplier. Often these updates address vulnerabilities that have been identified by the software developer. The most common patch you would be aware of is the Microsoft update applied when you shut down your system. The next most common is your anti-virus software updating its virus definitions database. Not all staff will update, so your external provider should always monitor and update where necessary, so that all devices are up to date.
Office Macros: these are programs that allow users to perform tasks much faster and more efficiently. They are an excellent target for a hacker. Hackers will often create documents that appear normal but that, upon opening, run the code inside the macro, giving the hacker control of your system. Mitigation involves only allowing macros to run from documents in trusted locations with controlled write access.
Restrict Administrative Privileges: in effect, only give access based on a user's duties. Access should be reviewed regularly and unnecessary system privileges removed. This also involves managing access to your networks and managing email access, password resets, etc.
Harden User Applications: this is where you tightly control applications that can perform unwanted or potentially vulnerable actions. Examples are blocking Flash applications, Java plug-ins, etc.
Multi-Factor Authentication: this is essentially the introduction of additional methods for verifying the user's identity. Users will not be given access if they cannot provide the second level of authentication. This is becoming increasingly popular and effective in managing access.
Backup Daily: this minimises the level of disruption to your business in the event of a system crash or a cyber-security incident. Plans will vary between businesses, but as a minimum, backups should be retained for three months and be disconnected from your system. Your IT provider should develop a backup process with you, and they should always be talking in terms of business continuity. Their activity includes monitoring that the backup has occurred and ensuring the restoration process works.
How can your local Computer Troubleshooter help you?
Firstly, they can provide an initial assessment of your current situation and based on that assessment recommend a solution that will involve a monthly fee based on the activities and the number of devices to be managed. To start the ball rolling call 1300-28-28-78 and request that chat.
Sources for the article:
Australian Cyber Security Centre
AusCERT
Stay Smart Online