There are different types of cyber criminal. Some are interested in making money through fraud or from the sale of valuable information. Some are industrial competitors or foreign intelligence services interested in gaining an economic advantage for their companies or countries.
Others are pure "hackers" who find interfering with computer systems an enjoyable challenge. Then there are "Hacktivists" who wish to attack companies for political or ideological motives.
Lastly, closer to home, you have Employees, or those who have legitimate access. They may attack your systems through accidental or deliberate misuse.
Many companies have experienced security breaches with each one costing thousands of pounds.
Here is some general guidance to help keep your business secure:
How Can I Protect My Business from Cyber Crime?
1. Educate Your Users
Staff need to be educated about cyber risks, especially in respect of emails and browsing web sites.
Basic education should include how to create strong passwords and to beware of clicking on any links they are not sure of.
2. Keep Your Network Secure with a Firewall
Your firewall is your gateway to the internet and it protects you from outside attacks. It monitors and blocks unauthorised access and malicious content.
Even with a secure firewall in place it is still important to have regular security checks and controls.
3. Keep Anti-Virus and Malware Software Up-To-Date
Make sure your anti-virus and malware software is kept up to date. It needs to be monitored daily.
4. Enforce a "Strong Password" Policy
Make sure users change their passwords regularly and prevent them from selecting ones that are easy to guess. Make sure that accounts are locked out after a low number of failed login attempts.
5. Put Controls on the Use of Removable Media Controls
Make sure you have a policy in place to control all access to removable media, such as memory sticks. Limit media types and their use. Scan all media for malware before connecting it to your network system.
6. Manage User Access and Privileges Carefully
Establish effective management processes and keep the number of privileged accounts to a minimum. Limit user privileges and monitor user activity. Control access to activity and audit logs.
7. Put a Disaster Recovery Plan in Place
It is essential to have a working Disaster Recovery Plan in place, which is tested regularly.
You must take regular backups of your servers and data. These need to be kept securely off-site.
Any criminal incidents must be reported to the police.
8. Monitor Systems and Networks Constantly
You should continuously monitor all systems and networks to make sure that the network is secure and that anti-virus software is kept up to date.
9. Implement a Clear Home and Mobile Working Policy
Mobile workers with laptops and tablets need to be extra vigilant when using their device outside the office.
To protect your business, make sure they have strong passwords and that data stored on their device is encrypted.
10. Install Recommended Software Patches Fast
Apply patches at the earliest opportunity in order to limit exposure to known software vulnerabilities. Ensure the secure configuration of all systems is maintained.
For help and advice on protecting your business from cyber crime please call us on 01273 384100 or email us at sales@cnc-ltd.co.uk.
|