Cyber security is a hot topic these days. It’s an area where no matter what, you can always pay more. Unfortunately, a lot of our competitors lead this discussion with fear. We believe 90% of small and medium-sized businesses can adequately protect themselves with a nominal investment. At Generation IX, we include entry-level coverage in our “All-In” contract.
However, a handful of our clients do need next-level security. To better understand what is out there, I sat down with our Solutions Architect, Shawn Sachs. This guy has a brain for tech, and can also break it down into non-techie terms.
In this post I go over:
Key Considerations when designing a security suite:
Cloud vs. on-premise vs. individual workstations vs. mobile devices
- Where is the information stored?
Threat: company vs. individual
- Are we trying to protect an entire company, or just a specific individual?
- Is it all members of the company or just a few select departments?
- Just the VIPs?
Pointed attacks vs. shotgun attempts
- What is the likelihood of you or your firm being specifically targeted?
- What is the demographic of the firm?
Financial vs. company data
- Is the threat to financial information or to proprietary data?
Threat: losing data or somebody learning information
- Is the concern losing access to information? Or a third party gaining access to company/personal secrets?
- For lost access, is temporary loss acceptable?
Next We Identify Vulnerabilities
Here we are looking at what is trying to get through or around your firewall. The first step in protecting from external threats is limiting what can be accessed from the outside.
- What applications are facing the outside?
- What applications/data can be accessed offsite?
* This does not include hosted applications.
Internal Security Threat
Once they’re “in,” how hard is it to jump around from device to device? After the Trojan horse gets in, are the soldiers running wild, or are we able to quickly quarantine and close off sections?
Examples of internal protections that require no extra software investment:
- Proper VLANs: a VLAN virtually segments a network to prevent hopping around.
- Regularly applying patches: security updates for hardware and software.
- Checking for misconfiguration: make sure any security gaps left open are there for business reasons and not by mistake.
- Demilitarized zone (DMZ): an additional subnet added as a buffer between the internet and the internal network.
Security Suite: The Basics
In addition to properly setting up a network, there are some standard security services we recommend for all businesses.
Antivirus is the term most people know. Viruses fall under the larger malware umbrella. Malware includes viruses, spyware, adware, nagware, trojans, worms, and more. All computers should have antimalware in place.
Employee Education (Phishing)
Phishing attacks are getting better and better. These refer to fraudulent attempts to learn usernames, passwords, financial information, or other personal data using the guise of a trustworthy entity. One of the best protections for this is employee education.
Additional Phishing Precautions:
- Simulate phishing attacks. This way you can know which users are the most susceptible.
- Some simulations can suggest training to employees when they are caught.
- Outlook add-in: Detects and reports phishing attempts.
Auditing Security: Access Control
Businesses grow and shrink. They experience turnover. In small and medium-sized businesses, roles can change often. Employees don’t always appreciate when you take access away from them. For all of these reasons, it is important to regularly audit who has access to what.
Commonly, the owner wants admin rights. He/she owns the place and needs to have the keys to the kingdom. While we agree, it is important he/she doesn’t actually use the master passwords. They are the most vulnerable to cyber attacks.
Multi Factor Authentication
It is inconvenient and can be the cause of great frustration. However, there is no excuse for not having two-factor authentication (2FA); at minimum, your email should be guarded. It is not an end-all protection, but it does stop the majority of phishing attacks. The next step up would be to use 2FA for any internal applications that face the internet.
Security Suite: Examples of Advanced
High-end security suites are highly customized and tailored to each business's or firm's needs. The first step is answering the questions at the start of this post. Next is the security assessment.
Vulnerability and penetration testing (internal and external). Below are a few vendors for software that can be used to expose all potential holes in a business's defense.
These tools can be helpful, but we highly advise you leave it to the pros.
Advanced threat detection:
Comprehensive endpoint control and monitoring tools can be used in firms that want that extra level of security. Below are two of the leaders in the space.
These tools are becoming more important in the world of smart devices.
Behavior Monitoring tools
Are employees sending company data in their personal email? Are they saving files to a Dropbox account the business owners don’t know about? The barrier to technology is getting lower and lower. This can result in unplanned adoption of new tools. We are talking about Shadow IT.
Enter tools like Veriato: According to its website, the tool “specializes in providing insight and actionable intelligence into the activities and behaviors of users: employees, contractors, and those who seek to steal their credentials.”
Firewall log monitoring
Real-time analysis of attempts to penetrate a firm’s firewalls. All firewall activity is logged, and this log can be analyzed using third-party tools. Services like Graylog, Rapid7, and AlienVault can help anticipate future attacks.
At the end of the day, the best security insurance is insurance. Firms that offer cyber insurance can help before, during, or after a cyber attack. How do you value what you lost? These guys can help:
Don’t Wait for an Attack
“According to the U.S.’ National Cyber Security Alliance, 60 percent of small companies that sustain a cyber attack are out of business within six months.”
Contact your IT provider to find out what else you could be doing to improve your firm’s security.