Hackers have become increasingly sophisticated in recent years and even more so during the pandemic - We are seeing an increase in the number of attempted attacks designed to target people who are isolated at home. Breaches, regardless of the severity, can be disruptive, costly and damaging to a business’ reputation.
Create a more security-aware organisational culture
Security awareness is a large part of the human side of prevention. Often, people are the weakest link and the best way to mitigate against this risk is to ensure staff are aware of the latest threats; Highlight attempted email scams so staff can know what to look out for and communicate to users the processes for reporting SPAM.
‘Many of our clients request an alert when a potential SPAM issue is logged so that they can monitor the types of threats that are coming into the business and use that information for educational purposes.’ Joe McGivern, CEO, supportIT.
Agree Policies that relate to devices that are used in the Home
We are advising companies to put policies in place for work devices that are in use in the home. These should exclusively be used by the employee, not friends or family. We are also advising clients to have a ‘Bring your own device’ policy; devices that staff are intending to use should have strong Anti-Virus software installed and be updated to ensure the latest security patching is in place.
Strong Group Policy & Password Settings
As a managed service provider, we put particular emphasis on strong group policy settings; forced password changes, minimum password length, screen locks & software installation restrictions can all be activated centrally and pushed out to every machine for enhanced security.
Strong password policies should also apply to 3rd party applications being used in the business like CRM applications and Finance applications – discourage sharing passwords and create logins for each individual user for audit trail purposes.
Use Virtual Private Networks (VPN)
A VPN is needed if you are planning for home workers to connect into the company network, particularly if you want to make sensitive information available. Ensure your business has enough licenses in-place to allow all your remote workers to access the network and reinforce with the SSL security protocol and multi-factor authentication.
Ensure you have adequate Anti-Virus solutions in place
The best products are those that are paid solutions with proven detection rates. Make sure that you include phones, tablets, and especially, laptops. Our recommendation is Webroot, it is an award winning solution with high detection rates that isn’t too heavy on the machine.
Two Factor/Multi-factor Enablement
Most business applications now have two factor/multi-factor enablement. This can usually be activated within the application itself and is best practice to ensure your application is secure, particularly if you store personal identifiable or finance data.
Data Loss Protection (DLP)
For those organisations that have more stringent compliance regulations, we have been recommending an added layer of protection, called Data Loss Protection (DLP). DLP is a built-in feature of Office365 and can be activated through the management console.
If it happens, deal with it correctly
The reputational damage resulting from a data breach can be devastating for a business. Research has shown that customers will stop doing business with organisations that have been breached, which is why it is so important to take the steps above to mitigate against this possibility. However, in our experience if it does happen confidence can be restored if customers knows that you have taken the proper steps by notifying them and the data protection commissioner of the breach, and then put policies and procedures in place to ensure it doesn’t happen again.
For more information visit - supportIT or contact Tara directly at tdoyle@supportIT.ie
Set-up in 2004, supportIT provide fully managed support, infrastructure and business continuity services to over 180 businesses and 3000 users nationwide.
Dedication, knowledge and trust are the main reasons why businesses choose supportIT as their IT solutions and support partner. We are a relationship driven organisation and work closely with every one of our clients to support and protect their infrastructure while providing solutions that are aligned with business and security requirements. www.supportIT.ie
About Tara Doyle
With over 20 years marketing experience in the technology sector, Tara Doyle is Sales and Marketing Director and co-owner of supportIT.
‘Running an SME means that I have had to get involved in all areas of the business over the last 16 years, but I really enjoy my work the most when I am working on the business development side of things. Marketing and Business development are the areas I am trained in and I genuinely enjoy developing relationships with potential SME clients that can grow into real partnerships - A large proportion of our clients have been with us from the start and we have become an integral part of their business.’