Now that we have explored some of the threats and measures to take in order to combat those threats, in this – the last blog in the series – we will explore the technical measures you can introduce to ensure that your cyber landscape is as equipped as possible to combat the threats.
The technical measures
Firewalls filter traffic passing across a network boundary based on a set of predetermined rules. The appointed Firewall administrator in your organization manages these ‘rules’. They configure the Firewall to block high-risk actions, whilst simultaneously permitting access to the online services required by users.
Multi factor authentication
Multi factor authentication acts as a way of knowing that the users that are trying to gain access to your systems are who they say they are. This is done by requesting authentication through another device via text message or email where only the individual concerned can access that device. Multi factor authentication is great if you are trying to bolster an already strong defence.
Arguably the most important of all is the security of passwords. Everyone in the modern world has passwords on one account or another - which is why it is ridiculous why so many don’t use passwords as effectively as possible. The best passwords consist of a random collection of letters, numbers, and other characters, all of which should have no meaning or relevance to the user. It is understandable why users don’t do this as it can be difficult to remember the password when made so random, but it is still essential none the less – you should make them as long and as complicated as possible.
We will now list some key principles for your team – and yourself – to follow in order to guarantee strong passwords:
- Length – the longer the better. Make your password over 10 characters and ensure that it contains a combination of letters and numbers and characters (random, if possible).
- Difficulty – If it is too easy to remember do not use it! Avoid easily guessable passwords with recurring numbers (123, 678), as well as common words/ words that are easily associated with you (Petname123).
- Change – Change your password periodically. There is a chance your account has been hacked and the cybercriminal is already operating inside your system.
- Cases – Use upper- and lower-case letters randomly.
There are a variety of different password management tools on the market that will allow you to generate, store, and manage your users’ – and your own - passwords. Password managers will generate complex passwords on demand for you and your users, meaning you can place your password management almost entirely on their shoulders.
As important as they are, passwords are often overlooked, sometimes just to make things easier for users. However, they are arguably the most important part of all cyber security measures available on the market - they will be the first line of defence for your systems against cyber-attacks so they need to be right.
Anti-malware measures need to be installed on ALL computers and laptops both at home and in the office. I know you get a free one with the manufacturer, and, yes, that will do an okay job to a degree, but a lot of the time you cannot trust the free one, as they are often very basic and are not equipped to support your business’ high standards of cyber security.
Managing permissions – for people both within and outside of your organization - is very important to stop unauthorized access, manage permissions to confidential information, sensitive data, and system settings. Access breaches can pave the way for Malware intrusion and make deliberate changes to your current security settings – thereby paving the way for future attacks to be committed.
This can sound confusing - the cyber criminal’s intentions are to encrypt your data, so you want to beat them to it and become the key holder. Confusing? I know! Voluntarily encrypting your own data is different to it being encrypted by a third party. Data encryption is the process of scrambling the readable text of your files and documents so they can only be read by the person who holds the ‘key’ - by doing this you are essentially turning the tables on the cybercriminal and creating further problems for them in trying to gain access.
Guaranteeing you are cyber secure
By trusting us with your IT needs we can guarantee that your organization is ready for anything that cyber criminals can throw at it. Our experience in working with small businesses in Ontario and the Great Toronto Area allows us to ensure that you can increase revenue, secure your data, always operate at peak performance, and - most importantly - operate in the most secure way possible. Contact us now to find out what else we can do to improve your IT landscape and bring you even more benefits from your IT going forward.