IT Insight: Cyber hygiene and your business
Your Cyber-Security solution should include critical services that every business should have in place to help protect their IT systems, employees, vendors, and clients from ransomware attacks, email scams, financial fraud, data theft and other cyber threats. Consider the following:
Web Content Protection: Any user browsing the internet may inadvertently land on websites that deliver malicious software such as viruses to any computer that connects with them. These websites could infect the user’s computer and potentially precipitate a broader cyber-attack. Web content protection blocks users from accessing known bad websites. Depending on the preferences of the client, this service can be set to block other categories of web site and content that may be deemed incompatible with the client’s usage policies.
Emailing Protection: Spam emails are one of the most common attack vectors, used by hackers to deliver harmful software or to lead users to damaging links. An efficient email protection service uses an advanced machine-learning technology to catch potential spam and other known and unknown threats in email. It places suspected content in a quarantine folder where is can be reviewed safely by users and selectively released.
Duo Multi-Factor Authentication: Many cyber-attacks get originate by stealing user credentials through specially designed malware, social engineering, or other means. Multi-factor authentication (MFA) enhances protections by requiring a second PIN, usually delivered via a cellphone, to be entered along with the user’s email. If a user’s password has been compromised, MFA ensures the hacker will still be blocked. Duo provides MFA for users to access their PCs, and for remote access via a VPN. For good reason, MFA is high on the list of protections required by cyber insurance providers.
Keeper Password Management: To make it challenging for hackers to guess or crack a user’s passwords, or to limit the damage if the credentials are compromised, security best practices demand that every system uses a different password, that the chosen passwords are long and complex, and that they are stored in a safe place. All of this is made possible by an enterprise password management, such as Keeper, which provides an effortless way for your users to keep all their passwords securely in one place, and to access them as needed from all their devices.
Keeper Password Breach Watch: In addition to safely storing your users’ passwords, Keeper monitors the Dark Web for stolen passwords offered for sale. If any of those on offer matches a password managed through the Keeper Password Manager, they will immediately notify both the user and your Managed Service Provider to be sure the password is promptly updated.
Security Awareness Training: No email spam solution can be 100% effective in separating spam from legitimate email, so it remains vital that all users are trained to recognize spam, and what actions they should take when they suspect an email. A core element of this training is to send your team simulated phishing emails from time-to-time so that they remain mindful of the risk, and so you can identify users that may need additional training. Cofense is one of the world’s leading providers of simulated phishing. I would recommend that all clients implement a quarterly simulated campaign, combined with periodic training.
Threat Protection/Endpoint Detection and Response: SentinelOne is an advanced threat detection agent that applies artificial intelligence and other leading-edge technologies to provide additional protection for Windows and Mac computers by detecting unusual behavior that might be associated with malicious activity. When such activity is identified, the agent can take additional steps including quarantining the suspicious process. SentinelOne is supported by a 24×7 Security Operations Center that will review any detected events.
All staff who regularly access sensitive documentation, including HR, accounting, and senior management, should have a SentinelOne agent installed in their workstation(s). SentinelOne reinforces the antivirus agent that should be already required in all your workstations.
Monthly IP Address Vulnerability Scanning: The first line of defense for an IT network is its connections to the internet. Each such connection should be protected by a firewall which is usually set to disallow all traffic unless it is specifically needed.
Best practice is to scan all public IP addresses periodically to ensure that the firewall is in place and correctly configured. A cloud-based vulnerability scanner for this purpose that checks for tens of thousands of identified vulnerabilities, including outdated or unpatched software and misconfigurations is highly recommended.
PCG provides our clients with a broad range of technologies, tools, and guidance they need to keep their IT systems, employees, and clients safe from cybercrime. To this end we have implemented a multi-part security architecture, with a broad range of security services that cover each of the five security functions defined by the NIST (National Institute of Science and Technology) Cybersecurity Framework: Identify, Protect, Detect, Respond, Recover.
JoAnn Hodgdon is vice president and co-founder of Portsmouth Computer Group (PCGiT) with her husband David. PCG provides comprehensive managed IT services, business continuity, security, cloud computing and Virtual CIO services to their clients. You may reach her at firstname.lastname@example.org or at www.pcgit.com.
This article originally appeared on Portsmouth Herald: IT Insight: Cyber hygiene and your business