Cybercrime is on the increase, and businesses are increasingly struggling to keep up with ever-more sophisticated forms of cyber attack. In this blog, we offer four best practices that, while they may not guarantee that you will never fall victim to a cyber threat, will at least ensure you are taking positive steps to protect your business, its data, and your customers.
- Education– A 2016 security survey found inadequate staff training to be one of the top three causes of organizations being vulnerable to a cyber attack. Personnel who haven’t been trained to recognize phishing emails, or who don’t understand the risk of connecting unsecured personal devices to a corporate network, can represent an active risk to your business. The solution? Your IT function should include within its scope the education of end users in how to recognize, prevent, and react to any cyber threat they should encounter while carrying out their workplace role.
- Anti-malware– Enterprise-level anti-malware and antivirus software is a non-negotiable necessity for any business that operates technology. It’s also important to make sure that it is fully updated and upgraded on a regular basis. Don’t always assume that just means upgrading to the latest version of your current software, either; you should periodically check whether the packages you use are still fit for purpose, or whether another provider might provide a superior level of protection from any potential cyber threat.
- Patching – A great deal of cybercrime takes advantage of software or operating systems that are outdated and haven’t been patched with the latest updates. Introduce a rolling schedule of installing patches on any systems that you actively use. Any software on your systems that you do not actively use should also be either patched or fully uninstalled. Consider purchasing patch management software to automate the task.
- Web filtering– Unlimited Internet access from workplace PCs or mobile devices is rarely a good idea. Web filtering can be used to block users from websites that could potentially be used to infect a machine with malware or ransomware – and remember that once a single PC is infected your entire corporate network can be blocked. Minimize your exposure to any potential cyber attack by deploying enterprise-grade content control software.
These four key practices, while not representative of an exhaustive anti-cybercrime strategy, should at least form a core part of your enterprise-wide IT security strategy, and will help to reduce the chances of your company falling victim to a cyber attack.