IT Security 101
Is your business network secure? Ransomware attacks grew substantially in 2016 costing small business owners thousands of dollars in fees, lost revenue and lost productivity. Cyber-attacks on business networks continue to grow, with social-engineering attempts becoming a cottage industry for cyber crooks. To help ease your mind, here’s how to protect critical data and keep your business network secure.
- Start with a Risk Assessment or Network Security Scan to determine potential security threats. Use the results to create a strategy to better protect your business.
- Implement a Password Policy from the top down. Business network passwords should be complex requiring 8+ characters, upper and lower case letters and numbers. Passwords should be set to expire every 90 days. Consider adding Two Factor Authentication, and investing in an enterprise grade password vault for your employees. Never save passwords in browsers and always use unique passwords for different accounts.
- Make sure your network devices are secure and remote access ports are locked down. Remote access through VPN or RDS is best practice. Attacks on open RDP ports are common
- Keep network software including operating system, third party applications like Adobe, Flash, and Chrome up to date. Your business network requires proper patch management. All network devices should have a scheduled reboot, so patches are properly applied.
- Train your employees continually to be aware of newer attack vectors. Social Engineering scams work in part because employees are innately trusting and unaware of the threat. Consider monthly lunch & learns to teach employees about constantly evolving cybersecurity threats and review security policy.
- IT Security Policies should provide a clear set of rules for employees to follow. If cyber security is embraced from the top down, then employees are more likely to adapt.
- Invest in a secure backup and continuity plan. Make certain your network backup is imaged base, stores data both locally and in the cloud. Your backup should provide instant virtualization in the event of an outage. Backups are an insurance policy, so that should the worst happen, your business recovers quickly with little disruption to critical services.
This list provides the basics for security your network. For cybersecurity tips and free webinar based training for business, check out uscomputer.com.
Nancy Haddad is Director of Sales and Marketing for U.S. Computer Connection, Business IT Support Specialists. If you need a network security assessment, contact Nancy at firstname.lastname@example.org.