Cyber criminals are always searching for easy targets, prodding and probing organisations to find weaknesses in their security which can be used to gain access.
Security for organisations is a complex beast: with so many entry points to protect, it can be easy to miss something simple, leaving your organisation open to attack.
To help you increase your organisation's security, we have outlined 12 of the key measures you can take internally to strengthen it and protect it from the malicious individuals who would seek to disrupt it. These are:
1. Use Strong Passwords – One of the simplest things you can do to improve organisation security is to increase the complexity of your passwords by including lower case, upper case, numbers and special characters. This makes them virtually impossible to crack, and makes it incredibly difficult for criminals to evade your password security.
For highly sensitive information such as company accounts, two-factor authentication could also be used as a way of maximising password security.
2. Firewall – Another standard security measure all organisations should have is a secure firewall. Firewalls secure your system by controlling the web traffic coming into and flowing out of your business.
3. Use Antivirus Protection – Reliable and regularly updated antivirus software will scan your folders and files on a regular basis to detect viruses which may have gained access to your network.
However, antivirus is only a last line of defence, should a malicious individual attack or breach your systems.
4. Patches and Updates – Ensuring you have downloaded the latest updates and patches for your systems is essential to keeping them secured. Updates and patches are designed to fix vulnerabilities and bugs which exist, and without them your organisation is open to attack.
Once a patch has been announced, the vulnerability it has been created to fix is made public, so the longer you wait before applying the patch, the greater the risk to your organisation of suffering an attack.
5. Encrypt Your Data – Encrypting your data ensures that unauthorised individuals cannot access or exploit it. It is imperative that you encrypt any sensitive data that is held on portable devices or transferred over the internet to ensure that if it is stolen or intercepted it cannot be accessed.
6. Monitoring and Intrusion Detection Software – Continuously monitoring inbound and outbound network traffic will help you identify any unusual activity or trends that could indicate that your organisation is under attack and your data is being compromised.
7. Regularly Back Up Your Data – Recent ransomware attacks have demonstrated the importance of regularly backing up your organisational data. Many organisations could have avoided having their data held to ransom if they had routinely backed up their data to offline storage.
Having multiple backups of your organisation's data that can be restored at a moment's notice ensures that your business can operate with minimum disruption in the event your data is lost or stolen.
8. Set Privileges – Effectively managing user privileges helps reduce the risks of your sensitive business information falling into the wrong hands. One of the simplest ways of managing this risk is to determine what rights and privileges each user needs to effectively perform their role and operate a policy of least privilege, ensuring that sensitive information can only be accessed when it is absolutely necessary to do so.
9. Regular Training and Assessment – Regular training can provide your staff with the knowledge and awareness to recognise phishing and other forms of cyber attacks before they can impact your organisation. Coupling this training with regular assessments in the form of mock attacks can ensure that the training has worked and your employees are well equipped to recognise and shut down potential attacks.
10. Secure Your Wi-Fi – Connecting to a secure business Wi-Fi connection is an easy way for members of your organisation to access and share files.
Setting up a completely separate guest Wi-Fi connection for customers and guests will prevent any unauthorised users from gaining access to your main network and accessing your files.
11. Removable Media – It is important that if your organisation uses removable media, you have set policies to control its use for the import and export of information.
We also recommend that you scan all media for viruses and malware using a standalone scanner which is not connected to your main network. This is crucial because by using a standalone scanner, you are preventing any potential viruses from accessing your core networks.
12. Protect Your Physical Assets – Protecting your physical assets is just as important as protecting your online networks. This includes stopping malicious individuals breaking into your offices and ensuring that your employees don’t remove sensitive documents from your premises.
To help you identify and remediate vulnerabilities which exist in your organisation's security, SES can provide consultants to review your organisation's cyber security measures and work with you to respond to any weaknesses which exist.
SES can also deliver a range of services including Penetration Testing, Vulnerability Assessments, Security Assessments, Governance, Risk and Compliance and Security Training to increase your organisation's cyber security posture.
To book your cyber security consultation, or discuss how SES’s Cyber Security solutions could benefit your organisation, please get in touch and one of our specialists will get back to you within one business day.
© Financechain Limited trading as SES and ses-escrow.co.uk, 2019. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Financechain Limited trading as SES and ses-escrow.co.uk, with appropriate and specific direction to the original content.