Security Tools

Protecting your business from cyber attacks – Part 1

Protecting your business from cyber attacks and scams is a challenge, and I get it, it can be expensive, especially when the most effective solutions are aimed at enterprise businesses with big budgets that SMEs simply can’t match. And that, of course, is why they are so tempting to the cyber criminal. Cybersecurity is an ongoing effort. It’s important, no matter how difficult you may think it is, to stay informed about the latest threats and continuously adapt your security measures to address emerging risks. SMEs and local IT companies simply can’t afford professional cyber security advice and skills, so consider consulting with cybersecurity professionals for additional guidance tailored to your specific business needs.

There are a number of protections that you need to consider.  I’ve picked the top 5, at least in my opinion, but that’s far from exhaustive.

  1. What are the best practices for keeping my business secure from cyber threats? A sound strategy is a mixture of process, procedure and technical controls, coupled with sound security awareness training.  Here are some of the highlights:
  • Strong Passwords: Enforce the use of complex, unique passwords for all accounts, and consider implementing multi-factor authentication (MFA) for an extra layer of security.
  • Regular Updates: Keep all software, operating systems, and applications up to date with the latest patches and security updates to address known vulnerabilities.
  • Employee Education: Train employees on cybersecurity awareness, including recognising phishing attempts, social engineering, and safe browsing habits. Regularly remind them about the importance of maintaining security practices.
  • Network Security: Use firewalls, intrusion detection and prevention systems, and virtual private networks (VPNs) to safeguard your network against unauthorised access.
  • Data Encryption: Encrypt sensitive data both in transit and at rest. This helps protect data if it is intercepted or stolen.
  • Backup and Recovery: Regularly back up critical data and test the restoration process. This ensures that important information can be recovered in the event of a cyber incident.
  • Access Controls: Implement a least privilege approach, granting employees access only to the resources they need for their job roles. Regularly review and revoke access for former employees or those who no longer require it.
  • Incident Response Plan: Develop an incident response plan that outlines the steps to be taken in case of a cybersecurity incident. This helps minimize damage and facilitates a swift recovery.
  • Vendor Management: Assess the security practices of third-party vendors and partners to ensure they meet your standards. Establish clear security requirements and monitor compliance.
  • Periodic Security Assessments: Remember, nothing stays the same, and new vulnerabilities and threats emerge all the time.
  2. How can I protect my business from phishing, malware, and other online attacks?
  • Employee Education: Train your employees to recognise and avoid phishing attempts. Teach them how to identify suspicious emails, links, and attachments. Encourage them to report any suspicious activity promptly.
  • Strong Passwords: Enforce the use of strong, unique passwords for all business accounts. Consider implementing two-factor authentication (2FA) for an extra layer of security.
  • Regular Updates and Patches: Keep all software and operating systems up to date with the latest security patches. Regularly update antivirus and anti-malware software as well.
  • Secure Network: Implement robust network security measures, including firewalls, intrusion detection systems, and secure Wi-Fi networks. Regularly monitor and audit network activity for any anomalies.
  • Email Protection: Deploy email filters and spam blockers to prevent malicious emails from reaching employees’ inboxes. Consider using email authentication protocols such as SPF, DKIM, and DMARC.
  • Web Browsing Security: Advise employees to exercise caution when visiting websites, especially those with suspicious or unknown origins. Encourage the use of secure browsing practices, such as avoiding clicking on unfamiliar links.
  • Data Backups: Regularly back up all critical business data to secure, off-site locations. This ensures that even if malware or ransomware attacks occur, you can restore your data without paying a ransom.
  • Incident Response Plan: Develop a comprehensive incident response plan outlining the steps to be taken in case of a security breach. This plan should include communication protocols, containment measures, and recovery procedures.
  • Ongoing Security Awareness: Maintain a culture of security awareness within your organisation. Regularly remind employees about the importance of staying vigilant and following security best practices.
  3. What type of cyber security training should I provide for my employees? It’s important to cover several key topics.  Here are some suggestions:
  • Phishing Awareness: Teach employees how to recognise and report phishing emails, suspicious links, and potential scams.
  • Password Security: Educate employees on creating strong passwords, using password managers, and avoiding password reuse.
  • Social Engineering: Raise awareness about social engineering techniques, such as pretexting and tailgating, and provide guidelines for handling suspicious requests.
  • Data Protection: Train employees on handling sensitive data, including proper data classification, encryption, and secure file transfer methods.
  • Malware Defence: Teach employees about malware threats, safe browsing habits, and the importance of keeping their devices and software up to date.
  • Mobile Security: Highlight best practices for securing mobile devices, such as using secure Wi-Fi networks, enabling device encryption, and being cautious about downloading apps.
  • Incident Reporting: Establish clear procedures for reporting security incidents, so employees know how to promptly and effectively respond to potential breaches.
  • Remote Work Security: Provide guidelines on securing home networks, using VPNs, and maintaining the security of devices when working remotely.
  • Physical Security: Emphasise the importance of physical security measures, such as locking screens, securing work areas, and preventing unauthorized access to sensitive areas.
  • Ongoing Training and Updates: Keep employees informed about emerging threats, new attack techniques, and evolving security practices through regular training sessions, newsletters, or online resources.

Remember to tailor the training to your organisation’s specific needs and provide practical examples to reinforce the concepts. Training should reflect the policies and processes that you have put in place.  Additionally, consider conducting periodic security assessments and simulations to test employees’ knowledge and readiness.

  4. How can I secure my customer data, and what regulations and best practices should I follow?

To a large extent, this is going to depend on the regulations and requirements that apply to the industry you work in.  However, there are some things that remain common.  For instance, UK GDPR, the Computer Misuse Act, and financial regulations requiring you to maintain records for 7 years, which, for some industries (financial services, legal etc), can require a considerable effort.  One of the first requirements will be finding out where all your data actually is.  I know many will say well, I know where it is, it’s on my cloud and/or network storage.  But is it?  How many records containing personally identifiable information (PII) have been copied from one directory to another, usually for sound working reasons, or perhaps attached to an email and not removed, thus leaving a copy residing on your email server, etc.?  Once you know where it is, then you can start to assess the risk.
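A first-pass way to answer the "where is the data?" question above, as an added example that is not from the original post: it walks a folder tree, flags files matching two illustrative patterns, and groups identical copies by content hash. The patterns (email address, approximate UK National Insurance number format), function names and sample files are assumptions constructed for the demonstration.

```python
import hashlib
import re
import tempfile
from collections import defaultdict
from pathlib import Path

# Illustrative patterns only (assumptions, not a complete definition of PII).
PII_PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "uk_nino": re.compile(r"\b[A-CEGHJ-PR-TW-Z]{2}\d{6}[A-D]\b"),  # approximate
}

def scan_tree(root):
    """Return {sha256: {"paths": [...], "hits": {kind: count}}} for PII-bearing files."""
    findings = defaultdict(lambda: {"paths": [], "hits": {}})
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        try:
            raw = path.read_bytes()
        except OSError:
            continue  # unreadable file: a real audit should record this gap
        text = raw.decode("utf-8", errors="ignore")
        hits = {k: n for k, p in PII_PATTERNS.items() if (n := len(p.findall(text)))}
        if hits:
            digest = hashlib.sha256(raw).hexdigest()
            findings[digest]["paths"].append(str(path))
            findings[digest]["hits"] = hits
    return dict(findings)

def duplicated_pii(findings):
    """Groups of paths holding the same PII-bearing content in more than one place."""
    return [sorted(f["paths"]) for f in findings.values() if len(f["paths"]) > 1]

def build_demo(root):
    """Constructed sample data: a customer file, a stray copy, and a harmless file."""
    root = Path(root)
    record = "name,email,nino\nJane Example,jane@example.com,AB123456C\n"
    (root / "crm").mkdir(parents=True)
    (root / "temp" / "old").mkdir(parents=True)
    (root / "crm" / "customers.csv").write_text(record)
    (root / "temp" / "old" / "customers - Copy.csv").write_text(record)
    (root / "temp" / "readme.txt").write_text("No personal data here.\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_demo(d)
        for paths in duplicated_pii(scan_tree(d)):
            print("Same PII-bearing content in:", *paths, sep="\n  ")
```

Pattern matching like this only covers plain-text files; mailboxes, office documents and cloud storage need their own discovery step.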

  5. How can I quickly and effectively respond to a cyber security incident?

This is a procedural issue.  Do you have a sound incident response plan, which ideally is linked to a business continuity plan?  Are these the same thing?  An incident response plan is just what it says: it’s how you respond to and technically recover from a security incident.  Business continuity, on the other hand, is about how you continue to work and service your customers whilst recovering from the incident.  Deeply related but not the same thing.

Next week I’ll take a look at the next 5 steps on my list, which are:

  1. What steps should I take to protect my business from ransomware attacks?
  2. What can I do to ensure that my data is backed up in case of a cyber attack?
  3. What cyber security measures should I put in place to protect my business from external threats?
  4. How can I stay up-to-date with the latest cyber security threats and best practices?
  5. What steps should I take to ensure my business is compliant with relevant regulations and industry standards?


Is Anti-virus the cure-all that many SMEs seem to think it is?

In the SME world there is an instilled view that anti-virus, along with a firewall or two, is the knight in shining armour, constantly battling malicious threats. But is it always the hero we think it is? Let’s talk about duality – the good and the not-so-good side of anti-virus software. On the bright side, it’s an essential tool for digital safety. It stands as our frontline defence, identifying and eliminating potential threats like viruses, malware, and phishing attempts. It’s a relentless protector, working round-the-clock to safeguard our valuable data. So far so good.

However, no knight is without its flaws. Anti-virus software can sometimes be overzealous, flagging innocent files as harmful. This ‘false positive’ can disrupt our workflow, especially when essential files are blocked. Moreover, no anti-virus software provides 100% protection. Complacency can be our undoing, leading us to believe we’re invincible behind our digital shield. So, what’s the bottom line? Well, anti-virus software is a necessity in today’s world, but it’s not a foolproof solution.

So why do SMEs think it is?  Well, there’s probably several reasons for that and chief amongst them will be the constant companion of an SME, cost.  If you can convince yourself that a solution solves all, or most, of your problems in one hit, then that’s going to be a winner in your mind.  There is also an issue with the larger IT and Cyber Security companies, that they have largely ignored SMEs because they don’t produce the financial rewards that their bigger clients do. So, they have been happy to pass off software sales, like AV, to their sales channel, and allow their re-sellers to push those products on their behalf.  Sounds good except that often those re-sellers simply don’t have any more in house cyber skills than the SMEs themselves, so there is no guarantee that what they are selling is what the SME needs.

Now, I’m not knocking your local IT support company, they do what they do and generally do it well.  Generally, they like to stick to the tried and tested products that they have been selling for years and tend not to buy in to innovation easily.  Can’t blame them, they are as beholden to the bottom line as the rest of us.  And the various flavours of AV fall into that category.

This is where we part company with such companies.  We are very much involved with innovation, looking at new ways of solving old problems, and new ones as they crop up.  The only way an SME is going to get the protection they need and deserve, at a cost they can afford, is via such innovation.  We have been working with Platinum High Intensity Technologies, or Platinum-HIT.  This is a new PROACTIVE Managed Security Service Solution for Endpoint in the class of Anti-virus, anti-malware, anti-ransomware.

So, what’s different about it?  Surely, it’s just another version of AV?  Well, no it isn’t, it’s a new approach to an old and continuing problem, that solves several problems along the way, using what is known as a Hard-Disk-Firewall or HDF.  So what, I hear you cry.  I have a personal firewall on my laptop.  Why do I need another one?  Perhaps the word firewall is a little misleading.  Read on and you’ll see what I mean.

The HDF concept is a simple one. On any computer system, data is stored either as non-runnable information data or runnable application programs. Malware is a type of runnable program with undesirable behaviours. HDF prevents malware infection by stopping malware program files from being stored and run on a computer. HDF functions as part of the Microsoft® operating system.

From the perspective of the computer operating system, malware or viruses are simply another form of application program. From a human’s perspective, malware is an existential threat that we do not want to run on our systems. HDF works by stopping any additional program from being saved on a fully working and virus-free computer unless the system administrator/owner allows a certain specific program to install.

The approach is to deny write access of runnable program files to any storage devices irrespective of the user’s rights and privileges on the computer. For example, the control is so absolute that an administrator or user cannot bypass it, intentionally or by mistake.

Other than blocking the install of malware, the computer functions as normal, and HDF operates totally transparently to end users. For example, running applications, opening, reading, saving, and deleting non-runnable data is not affected.

Device independent – effective on all storage devices supported by the underlying operating systems, e.g., hard disk, USB token device, tape drive, optical writers (CD or DVD writer) and any future device which relies on the operating system to provide read and write functionality.

Data location independent – works identically on local and remote storage devices including write access from wired and wireless networks, infrared and Bluetooth etc. No hardware component. Implemented as a component fully integrated into the operating system, it effectively becomes part of the operating system and not a separate application, making the operating system immutable.

HDF does not require any prior knowledge of file and data contents. The system just stops any data that can be run on a computer from being saved, including all known or future malware. This indiscriminately stops polymorphic viruses, ransomware, zero-day threats and the renaming of any data file back to a runnable program.

HDF does not rely on Microsoft operating system security patches and, in and of itself, requires no regular updating.

HDF security capability has NOT degraded since commercial deployment in 2008. There has never been a CVE attributed to the HDF solution.

So yes, whilst this system has been around the defence and nuclear space for some time, it’s very new to the SME market, and in fact, to the enterprise market for that matter.

Is your AV due for renewal soon?  Before you just push the button and renew, have a word with us first.  We just might have what you are missing, and you might be surprised at how affordable it is, considering it’s managed for you at no additional cost.
