Blue Logic offices
Mark Ambler is the MD of managed IT services provider, Blue Logic. He is a technology and IT thought leader and has a formidable reputation for helping businesses protect themselves from cyber security attacks. Below, he shares his top five tips for safeguarding your organisation
Cyber security is one of the biggest threats facing businesses today. From phishing scams to DDoS attacks via personal devices and undertrained employees, organisations are under constant fire and from several fronts.
Phishing, for example, is when hackers try to obtain sensitive information such as usernames/passwords and/or gain access to data by sending employees emails that trick them into handing over information.
On the other hand, Distributed Denial of Service (DDoS) attacks are used by hackers to prevent users gaining access to a network or service.
The impact of a successful cyber security attack can be fatal for any business, regardless of its size. It can shut down an ecommerce platform, infect systems with sinister viruses and lead to major data breaches to name just a few consequences.
So how do you protect your business from cyber security threats?
You will have heard the saying “the best form of defence is offence” and when it comes to preventing attacks this is the most effective approach.
Hackers have an arsenal of tools at their disposal, but by being prepared, having the right technologies in place and training your employees, you can better protect your business.
Here are five ways we ensure our clients are in a position to fight off any attempt to breach their systems.
1) Train your staff:
Hackers may have an assortment of tools and tricks to help force their way into your systems, but their most powerful weapon is you and your employees – human error is actually the main cause of cyber security breaches.
This makes preventing an attack much easier than most organisations realise. By educating and training employees you can ensure they are savvy and vigilant and know exactly how to prevent an attack from happening, as well as what to do in the event one occurs.
To do this, you must make sure they are aware of what threats look like and how they should respond to them. Explain the tools and protocols you have in place, and also cover off the basics like device management and setting strong passwords.
2) Device management:
Proper device management is a vital part of protecting your business. Employees now have several devices – both work and personal – and it is important you have the necessary processes in place to ensure devices are secure and data is protected.
Work devices must be password protected, loaded with anti-virus and anti-malware software and used only for work purposes. It is also important to have policies in place that clearly spell out what devices employees can use (personal and/or work) and what they can be used for.
As an organisation, you want to be clear about what data employees can access from their devices – especially if it’s a personal smartphone, tablet or laptop – and also ensure you can control your data and that it is secure.
For example, by having control of the data regardless of what device it is being accessed from means you can wipe the data from the device remotely if it is lost or stolen.
3) Upgrade your firewall:
You should think of your firewall as your armour. If it is more than two years old then it might not be fully up to date, be able to identify new threats or be able to inspect encrypted traffic. This increases the risk that some threats may pass through and into your system.
You also need to ensure your firewall can monitor, detect, report and investigate a breach on your network. Visibility of activity is essential for your IT team.
If it can’t do one or all of these things, then you should consider updating or upgrading your firewall to ensure you are protected from all potential threats and attacks. You wouldn’t want to walk into battle with the Kevlar missing from your bulletproof vest, would you?
4) Map out your cyber security battle plans:
Cyber security must be a core pillar of your IT strategy. This allows you to put clear, enforceable procedures and protocols in place, and to also ensure you are receiving the necessary support from your IT vendors.
For example, Microsoft regularly sends security patches for Windows to fix bugs in its systems that can leave users and organisations vulnerable to cyber security attacks. Without these patches, you leave your business very much exposed.
By having a clear strategy, you can also make sure you have a plan in place for updating and upgrading your infrastructure, training your users and testing your network and devices. The necessary budget can then be set aside to cover the cost of implementing these changes.
A plan allows you to prepare in advance and to spread out the workload and cost without leaving your business and systems exposed.
5) Cyber Essentials:
Cyber Essentials is a government-backed scheme to help businesses protect themselves from the growing threat of cyber security attacks, and is a pre-requisite for any organisation looking to secure government contracts.
By going through the process, organisations take a step back and analyse what protections and procedures they have in place and identify what they are, and aren’t, doing well. Once any shortcomings have been identified, they can then implement the necessary changes.
This, in turn, can reduce the chance of a business falling victim to a cyber security attack by up to 80%. It also means the organisation can work in the public sector and, above all else, prove to clients that they take cyber security seriously.
These are just five ways to help prevent cyber security attacks; individually they will make a difference but combined they are a powerful force in your efforts to fight back against hackers and data breaches.
Like I said, the best form of defence is offence, and organisations that are proactive in their approach to cyber security are the ones that are able to keep attacks at bay.
For more information, visit https://www.bluelogic.co.uk/it-support-services/managed-security-services
Our BQ Bulletin emails will land in your inbox at 7.30am, Monday to Friday, with a mix of the latest local business news, national news, and features to inspire you. Sign up here!
Click here to read our privacy statement