Critical IT Security Protections Businesses Should Implement

Critical IT Security Protections Businesses Should Implement

CYBERCRIME IS ON the rise, draining about $500 billion a year from businesses worldwide. Here are just a few preventative measures that can help minimize (or eliminate) the reputational damages, losses, litigation and costs of this growing threat.

Educate your people. Almost all security breaches in business are due to an employee downloading or opening an infected file or link from a Web site or e-mail. Phishing e-mails—designed to look like legitimate messages—are common, and spam filtering and antivirus software cannot protect a network if an employee clicks on an infected link.

Adopt an acceptable use policy (AUP). An AUP outlines how employees are permitted to use company-owned PCs, devices, software, Internet access and e-mail. Policies should limit the Web sites employees can access with work devices and Internet connectivity, and should be enhanced with content-filtering software and firewalls.

Do not allow employees to access company data with unmonitored personal devices. Thanks to the convenience of cloud computing, employees can gain access to company data remotely and from their own personal devices. But if an employee accesses a critical cloud application via a personal device that is infected, the hacker can gain access, too. Companies that allow employees to use personal devices and home PCs need to make sure those devices are properly secured, monitored and maintained by a security professional.

Require strong passwords and passcodes to lock mobile devices. Passwords should be at least eight characters, and contain lowercase and uppercase letters, symbols, and at least one number. On a cell phone, requiring a passcode to be entered will go a long way toward preventing a stolen device from being compromised. Network
administrators also should require a password reset every 30 days to 60 days.

Keep your network and all devices patched and up-to-date. New vulnerabilities are frequently found in common software programs such as Adobe, Flash, Microsoft and QuickTime. When system and application patches and updates become available, they should be installed. Under a managed IT plan, this can all be automated, which eliminates missed updates.

Have a business-class backup both on-premise and in the cloud. In a ransomware attack, a hacker locks up a company’s files and demands a fee to restore them. But if the files are backed up, this becomes a non-issue. Automated backups also protect against employees accidentally (or intentionally) deleting or overwriting files, and against natural disasters, fire, water damage, hardware failures and a host of other data erasing disasters.

Incorporate a business-class firewall and proper updates. Firewalls act as the frontline defense against hackers, blocking everything not specifically allowed to enter (or leave) a computer network. Like systems and applications, firewalls need ongoing monitoring and regular updates as part of a company’s routine IT maintenance.

Implement advanced end-point protection. End points are personal computers, network servers and other devices connected to the Internet. When they are exposed, systems and data become vulnerable. Unlike traditional anti-virus solutions, advanced end-point protection platforms do not require prior knowledge of an attack to detect
and remediate it. They apply machine learning and artificial intelligence to continuously outflank attackers. As such, they are even ready to stop threats that do not yet exist.

Cybercrime has become so widespread that it may not be possible for any business—
large or small—to avoid being a target. A virtual army of hackers and sophisticated crime rings are working around the clock to overcome known protections.

View all featured articles