1. Make sure your business has an up-to-date anti-virus, web filtering software and a working firewall.
The best way to stop cyber criminals attacking your business is installing anti-virus software, a web filter and a secure firewall. A combination of these three will prevent things like malware from entering your business. Preventing malware entering the organisation in the first place is the best way to secure against a cyber attack, through the adoption of a ‘layered approach’ to protection; implementing anti-virus, web filtering and firewalls. It is also essential that you ensure each component is accurately configured and always up-to-date.
2. Ensure your operating systems and software are up-to-date and key patches are applied.
Malware can often infect an organisation by entering through bugs in software and applications. You should double check that the newest software updates are implemented and patches applied as soon as they’re released. A proactive approach with regular patching schedules in place will help keep your organisation safe from threats.
3. Backup all important data and check backups are as current as possible.
Once a business has been effected by ransomware your data can become encrypted and your files and folders are no longer accessible. At this point the only option is to recover your data from previous backups. Keeping your backups operational and secure is the best option and is key to mitigating risk.
It is also imperative that the backup data is routinely checked, well-defined and practised restoration procedures are created, which, if accomplished, means that even if the system was to become infected it will lose relatively little data – and, importantly, can be quickly back up and running. Also, the newer a backup is, the less data you lose; after all nobody wants to use a year old backup.
4. Verify that your users are trained and are vigilant.
Email cyber crime is common, often sent by the cyber criminal as part of mass random communication schemes. You should therefore consider investing in ongoing training to remind employees of potential hazards.
Give-away signs to look for include:
- Incorrect email addresses: Cyber criminals will try and fool users into thinking an email has come from a reputable source when is hasn’t – always doublecheck the email address the mail has been sent from not just the sender.
- Communications from organisations or on topics that arrive out of the blue: If you are not expecting an email on a subject/person (especially finance) always double check.
- Poor quality text: Emails created my cyber criminals do tend to have a grammatical errors/missing text. The language used does not always make sense and commonly will not always have the correct email footers, if you’re not sure give them a call.
5. Is the email you just received fake?
Spear-phishing is a growing form of cyber attack actioned through email. The attacker poses as a company official requesting a specified action – such as a the ‘CEO/MD’ of a company asking Finance to transfer funds. These types of email can also claim to come from official organisations – a bank, government department, or even the police, for example. Companies should be aware of this potential risk, and define procedures to help employees identify phishing attacks.
6. Make a formal set of security policies.
Customers are advised to create and record in writing a set of formal protection policies and processes in consultation with Techquarters or their IT partner who can apply these policy requirements to every device.
7. Make sure your users utilise strong passwords and a multi-factor authentication policy.
It goes without saying that the more robust a password requirements policy is, the harder it is for cyber criminals to infiltrate a business. However, many companies still have not addressed password protocol, and allow users to set up ineffective and weak passwords. Requiring unique ‘strong’ passwords for individual accounts, or implementing single-sign on solutions, helps reduce risk, along with implementing multi-factor authentication – there are many products that offer this including office 365 and Azure.
8. Turn off the network or internet access if you think there’s something wrong.
Finally, if an attack is suspected, the best advice is to disconnect from the web. At an early stage in the attack, this can prevent malware establishing itself, but may also prevent ransomware spreading to other areas of the business through your network. If you can isolate the problem to one or a couple of systems, the malware or virus cannot spread and you have successfully minimalized the damage.
Want to know more? Watch the video below:
For more information on how to repel these attacks, take a look at the services we offer:
- Disaster Recovery – Microsoft Azure Site Recover (ASR), full mirrored servers for flip over
- File Level Backup – Secure offsite to Microsoft Azure Backup Vault
- Thecus Server Backup – Backup to Microsoft Azure
- SonicWALL – Firewall as a service (FWaaS), includes latest gateway Anti-Virus and threat detection
- Windows defender Advanced Threat Protection (ATP) – Rolled out as part of EMS or Office E5
- Webroot – Stand Alone AV
- Enterprise Mobility and Security – Intune and Windows Defender
Mobile Device and Application Management
- Microsoft Enterprise Mobility + Security – Remote wipe / application deployment
- Labtech – Proactive monitoring of systems
- Windows updates – Managed by EMS and Labtech
Email filtering / Archiving – Washes emails as they come in
- Office 365 advanced threat detection and protection – Cleans links and quarantines
- Security tests – one off PEN testing
- Open DNS – Constant screening of web links to make sure they are trusted once clicked on. Blacklisting and White listing.
User training – How to prevent the wrong clicking on things
- 365 Cloud Academy – User training
- 365 Cloud Academy – Technical Azure / Office 365 Administration Training