July 25, 2017 / By Ryan Hirst
Improving Your IT Security
With hacking stories hitting the headlines and fears of cyber attacks on the increase, most companies realise effective IT security is critically important. Here are five things your business can do to improve in this vital area…
1 | Prepare for disaster with backup and disaster recovery plans
The SAS say, ‘train hard, fight easy…” this is not quite the same thing but by preparing for worst case scenarios, you will give your business an advantage in the event of major IT problems.
A data backup plan which is regularly updated is essential. Just as important, is a disaster recovery plan which sets out exactly how your team will respond in the event of a data breach or significant system error. A sound IT security policy should also be in place, which includes key information such as user permissions and important data assets. Contact us for a sample policy template.
2 | Improve internal communication and processes
This follows on from the previous tip. By ensuring that every member your team understands the practical details and implications of your IT policies, you will supercharge their effectiveness and you will make it less likely that your business suffers from cybercrime. For example, an attempt at increasingly common CEO fraud might involve a fake instruction to pay an invoice appearing to come from a senior member of your staff via email. This is known as spear fishing. By ensuring that multiple sign-off is required for large payments, you will combat problems like this.
3 | Get a firewall fit for 2017
A firewall that is fit for purpose and capable of dealing with today’s rapidly changing IT challenges and emerging threats is a good investment for your business. An up-to-date firewall will pick up the current threats and the latest computer viruses. You should offset the cost of installing this type of protection known as a Unified Threat Management Firewall or U.T.M. against the potential productivity loss that would occur during a major outage.
4 | Improve IT training and increase awareness
Operator error is often the cause of many IT problems and security breaches. A member of your team might click on something they shouldn’t or inadvertently install some spyware. Educate your users with some basic DOs and DON’Ts and explain to them how one individual action can compromise an entire system. Advice on strong passwords is also important and regular training will help to achieve this. Our phishing user training service which sends fake phishing emails and monitors users that open the links is a great way to increase awareness.
5 | The importance of email filtering and scanning
Every email that comes into your business should be spam filtered and checked for viruses. The same goes for your outbound messages. Up-to-date software and antivirus measures will help in this area. You will be protecting your own vital IT systems and, at the same time, protecting your company from being held liable for damaging those of your customers and partners.
The scanning software can also monitor and report on the unauthorised distribution of company data by staff be it either maliciously or inadvertently.