Net Platforms

NetPlatforms Featured Image 1

Knowing Your Cyber Threats: The Role of Managers

In our last article, we outlined some alarming statistics that show the rapidly rising levels of cyber criminality across the globe, and how it is affecting small businesses. In this piece, we move from exploring cyber threats from the perspective of users and focus on the influence that management can exert to assure the cyber security of their business.  

We’ve explored the role of two highly common cyber threats to businesses: phishing and ransomware, and some of the techniques cybercriminals use to manipulate users into compliance. While it pays to instil a culture of cyber vigilance among staff and educate them on cyber security best practice, managers also have a vital role to play in limiting staff exposure to cyber risks. In this article we’ll explore some of the tools and strategies managers can use to defend their businesses in the face of a worsening cyber threat landscape. 

 

Firewalls  

A Firewall sits on the edge of your system and acts as a barrier between your trusted internal network, and untrusted external networks (I.e. The internet). It is quite like a door to a house; it is a point of entry to your network through which access can be permitted or denied. A firewall monitors and controls incoming and outgoing traffic from your network, and protects it in this way.  

When the Firewall refuses access it stops cyber criminals in their tracks, and prevents them from being able to access and control your sensitive data and systems – but, don’t worry, your authorised users will still have full use of the system and be unhindered when on it. 

Smaller businesses that only operate with a few devices can implement Firewalls at a device level. For a Firewall to work effectively, it must be working in conjunction with other security measures – anti-malware software combined with the due diligence of an educated and able staff team will put your systems on a solid foundation when it comes to your cyber security.  

For larger businesses, operating and managing individual firewalls at device level becomes too onerous and time-consuming. Larger business require boundary Firewalls, if you run a larger organisation, you should as a minimum, invest in a physical or cloud-based firewall server, which may require the expertise of a Managed Service Provider to manage effectively. 

 

Access controls 

By tiering access to information on a ‘need to know’ basis, you can protect your business from deep cyber-attacks in the event that they penetrate your network. Imagine if access was equal across your organisation to its data, files and tools; if a cybercriminal gains access to a user’s login details, they have access to virtually the whole network. By setting up access controls, you can reduce the risk of data loss, theft and damage.  

You must protect accounts with special access privileges, because if one of them gets compromised by a cybercriminal they could cause potentially business-defining damage to not just your IT landscape but the entire organisation. Often these accounts aren’t compromised for immediate gain, but instead can be used for a larger-scale attack later on when the right opportunity presents itself. If a larger scale attack is successful, it could mean a serious drop in your reputation as an organisation, your bottom line, or in the worst-case scenario – the end of your business altogether. 

 

Malware protection 

Malware is an umbrella term for a wide range of software that is designed with the sole purpose of causing problems or damage to a computer or network. Although often conflated with the term ‘virus,’ it’s worth noting that a virus is a subcategory of malware defined by an ability to replicate and spread between computers, often resulting in network-wide harm. 

With the unpredictability of Malware, if it goes unchallenged it can floor your operations and systems, rendering them completely useless. However, there are measures that you can take against malware, such as:  

  1. Use manufacturer-approved apps only: Purchasing or using apps from unknown or untrusted sources can cause serious problems as it is likely they haven’t been checked for Malware. It is imperative that you educate your users about the potential damage that can be caused from purchasing apps from these sources. There are sources that are manufacturer-approved on the market which are trustworthy. The best examples of these are the Apple App Store and Google Play, which are safe because they are both constantly monitored to ensure that they are safe to use. If in doubt, consult your IT provider.  They should be able to source authentic software from sources in their trusted vendor network. 
  1. Install Anti-virus software on all computers and devices: Most devices come with a free version, but these free versions are often insufficient. It is beneficial to remember that these are very basic and shouldn’t be trusted. If your systems are targeted by a sophisticated attack, they will not be able to defend against it. Instead, invest in premium anti-virus software which can offer a depth and breadth of protection against malware threats.  
  1. Use a Sandbox: We’re not talking about the one down the local park! A sandbox in computing terms, is a protected environment within a network that operates separately from the main network. A sandbox can be used to segregate untrusted or unsupported applications, keeping your wider network out of harm’s way. 

 

Data backup 

You must be certain that you are prepared for the worst-case scenario and have an effective data backup strategy ready – not having one could spell disaster and result in some serious downtime for your IT.  

The 3-2-1 backup rule is a good way of thinking about it; you need 3 copies of your data, 2 should be kept on separate storage media, and the other one should be stored offsite and be specifically for disaster recovery purposes. Spreading your resources across multiple locations is the only way to ensure business continuity, because it is incredibly unlikely that they will come under attack at the same time, meaning that your business will have options to get itself up and running against quickly. This is referred to as ‘data risk management’ and is beneficial for many reasons.  

The aftermath of a cyber-attack isn’t the only time that these data backups could prove to be useful – there are a variety of different potentially data compromising events that could mean that they are needed, such as a failure in hardware or a fire, amongst other possibilities. The key point here is that having a plan in place to ensure data is recoverable, can make all the difference between your business shutting its doors, potentially forever, versus losing a few hours to downtime before getting back to running business as usual.  

Most businesses need a catered approach to data backup. With there being so many options available on the market today, it’s impossible to say ‘this is right for your business’ without getting to know you first. However, you can back up your data on a dedicated separate server or use cloud storage solutions which offer a cost-effective and easy way to backup your data in a separate place should it ever be needed.  

We hope that these articles have helped you to understand the seriousness of cyber security and cyber threats, the key ways that cybercriminals can attack businesses, and some methods that both management and users can apply to keep their organisation secure and prepared for cyber threats. By implementing these insights, you can lay an initial foundation for a cyber secure future.  

NetPlatforms – Ensuring you can achieve value from your technology 

Using the IT tools correctly can unlock value, security and growth for your business. You have the power to revolutionise the way your organisation produces work whilst keeping it secure from cyber threats. We can ensure that you implement the right tools, use them correctly, and plan for the future. Our success can be attributed to one thing: TRUST. Ever since our very first year in business, our clients have been happy to recommend us to other businesses, and we have grown steadily thanks to the words of our clients. We can truly help you to get the best from your IT in the most secure way possible. Don’t hesitate – contact us now!