Security threats are everywhere. Are you racing against the clock betting that one won’t happen to you? While attacks can happen to any company, an article written by the Atlantic states “companies with 500 or more employees are particularly vulnerable to attack.”
It’s easy to feel helpless while hackers continue to evolve their tech warfare militia, but no one has to be a victim. There are safeguards and best practices that can be put in place proactively to harden the outside of a network from the bad guys.
If you do not have a plan in place today, consider a few simple steps to help take down the FREE DATA SALE sign off your business’s digital doorfront.
Make it harder for someone on the outside to get in.
Implement a product that detects edge intrusion. If a flare goes up at the third failed password attempt, you can be more alert to when these attempts are occurring. Verizon’s network and gateway security product can be customized from a basic firewall to virtualized security functions or to fully managed security devices. Find a provider who can fit your need for edge protection.
There may be holes and vulnerabilities in your software. This is an easy way in for hackers. Software patches are expensive for companies to release so there is usually a good reason behind the patch. It may mean that a vulnerability or weakness has been identified. Do not let yourself be exposed and make sure you keep all of these programs up to date with the latest versions.
But what about the people already inside the network?
Unintentional human error can easily occur without the proper training on security policies. Your employees are the front line of defense, and they could unintentionally infect your network if they don’t know what to look for. Remember the Nigerian prince? Phishing schemes only need one click on a link or opening of an attachment on a suspicious email for the entire inbox to replicate the message and spread the infection.
Corporate travelers can be susceptible to malware when logging into wifi networks at airports or hotels. Sketchy networks may try to capture login information with screen-watching or even keylogging with a trojan horse virus. Employing DDOS shields in virtual and mobile environments as well as requiring data travel over VPN instead of the public internet can protect from these attacks. Some companies put a more extreme defense in place using travel devices in place of company issued cell phones and laptops. These are returned to corporate and wiped clean upon employee’s return.
Humans are error-prone, but sometimes there is an intentional element. What is the exit-strategy for ex-employees? Disgruntled ex-employees cannot be removed from the network access too soon. In the moments after firing critical business information, confidential customer data or trade secrets can find their way from your network into a competitor’s hands as a hiring incentive. Make sure that this strategy is implemented and followed through. Having an employee complete a two weeks notice is also not recommended.
Set higher standards for passwords, and then implement a service to monitor and detect attempted intrusions.
If there are password standards with complex case or number requirements, it is less likely someone will be able to hack his way into your network. Set a low limit on number of login attempts and have a monitoring service in place to notify you when this number is exceeded. Set expiration periods for users. If someone has not logged in for several months, make sure they are able to verify their identity and create a new password.
Do your devices have Security Monitoring and Management in place? Verizon has nine SOCs (security operations centers) open 24/7, monitoring for unusual activity.
It may still happen!
Companies are required to keep records on hand for long periods of time for audits and taxes. Set an automatic backup every day outside of business hours to avoid bandwidth sludging. Practice recovering your data so you know you can restore it if you need to.
Disaster recovery is critical for outages and attacks. Implement a DRaaS solution to ensure you can make it out alive with your data when a ransomware takes your network hostage. eXemplify offers a business continuity plan that is personalized to the needs of your business and will consider both virtual and on-site backups to meet your DR goals.
The amount and variety of malicious programs on the web can be overwhelming to consider. With a plan in place, you help minimize your company’s target size and navigate around warning signs. If the plan does not protect you, learn from it. Revise the plan and evaluate where it went wrong to better prepare you for future attacks.
It also doesn’t hurt to have an enterprise grade expert on your team when going head to head against today’s sophisticated cyber criminals. Verizon’s DBIR report offers an annual, in-depth look into the evolution of cybersecurity, how to stay vigilant and educated on threats, and how to prepare your business for potential breaches.
Verizon and eXemplify will be there right beside you on the battlefield. Contact us today to learn more about how you can provide Verizon solutions to your clients.