Let's face it. Hackers are here to stay and in recent years the threats have only grown.
Beyond traditional fraud, cyber criminals have found ways to make money by encrypting your data and holding your company hostage or stealing, selling and using valuable business and personal login credentials . This article will share with you all the important things you need to learn about modern security in plain english.
WHO IS HACKING AND WHY?
- Hobbyist - Techy kids and general buffs do it as a challenge
- Thieves - Attacks designed to trick people and steal direct deposits, gift cards or wire transfer
- Organized Crime - Classical organized crime syndicates have moved into the internet for new sources of revenue
- Bad Actor Nation States - State funded hacking has multiple purposes including digital warfare and intellectual theft
- Traditional Viruses - Cause damage for no reason or turn your computer into a bot
- Ransomware/Cryptolocker - Modern ransomware viruses that encrypt your files and charge you a
- Identity Theft - Campaigns designed to steal your credit to then open credit cards or steal tax refunds
- Theft - Attacks designed to trick people and steal direct deposits, gift cards or wire transfers
LAYERS LAYERS LAYERS
No single security measure is enough to protect you from all the threats. the only way to achieve security is multiple smart and modern layers.
Now called Endpoint security
Crypto locker/ransomware roll back feature - This allows you with single button to rollback any changes that a cryptolocker may have made to a computer so even if a new virus comes in and starts to corrupt your data the new antivirus have a feature to roll it back. It's not 100% effective but it has pretty good efficiency.
Artificial intelligence behaviour analysis (Not just old school definition- based detection) - The new antivirus will study the behavior of what's happening to the computer and if it's malicious behavior or a behavior that is not predicted in the norm then it will start to block that.
Next generation firewall is a must
- It should have network virus scanning
- It should have web filtering so as to block you from certain websites because hackers are constantly trying new
- It needs to be able to isolate infected computers, so even with all the protections computers can still get infected by some kind of new threats so the modern antivirus needs to be able to lock that computer up so it won't go and start infecting the servers or other
- It needs to be centrally cloud controlled - A standalone firewall is not as powerful as the one that's part of general hive of other firewalls that learn from each other and get updates constantly pushed to them.
It also needs to have artificial intelligence - It needs to watch the network and be smart enough to recognize anything off happening on the network.
OFFICE 365 SECURITY
Advance spam filter - A lot of threats come in through email and they're targeting office 365 your email sharepoint so you should have advance spam filters that is correctly configured or another third.
External email flag - Any emails that come in from outside should be flagged that they come from outside because hackers can mimic the CEOs or CFOs of companies and ask for wire transfers.
Third party backup - Don't rely on Microsoft's backup because their system is not designed with a modern backup in place. And have user security training just as another layer of security to protect your company.
MULTI-FACTOR AUTHENTICATION (MFA) Strategic systems MUST be secured with MFA
You should have MFA enabled for office 365 of remote tunnels, what MFA does is it pops up on your phone saying that a website is trying to access or if you've accessed your bank recently. The most secured MFA is in app on your cell phone and it shouldn't be tied to your cell phone carrier like Verizon or an AT&T because they are much easier to trick.
Email marketing system (Constant Contact, Mail Chimp, Hubspot) - These systems are easily compromised and hackers can email the entire client list a link to a virus so it is important to secure them with MFA.
CRM (Salesforce, Sugar, Hubspot), File sync and share (Dropbox, Egnyte, Box) should also have MFA on them
Google Account or Firefox and password manager where your passwords are saved should have MFA on them as well as your website and domain registrar
BACKUP & DISASTER RECOVERY
Critical to recover from ransomware/Cryptolocker - Sometimes cryptolocker will come in and get through layers of security and encrypt the business, having a real robust back exhaust recovery system is Recovery Time Objection. RTO is a duration of time it will take to restore all applications and system after an outage.
Recovery Point Objective (RPO) is the point in time to which you will restore your data after a disaster.
All share drivers, databases & servers need cloud backup and disaster recovery location. Office 365 &sharepoint need to be backed up, must be automatic and must be compliant
Here are the essential rules:
- Don't write password on a post-it note
- Don't reuse key passwords because if they succeed to get one they will try it to access other places and if it's the same then everything is
- Have strong password : 1 capital, 1 number, 1 symbol, 8 characters
- Use personal password manager
- Have company password manager
- Enable MFA for your password manager
Be aware og the following facts and follow those general rules:
- Scammers are always trying new angles
- Be careful where you click
- Be careful who you give your private information to
- If it sounds too good to be true, it probably is.
PATCHING & UPDATESUnpatched computers are vulnerable even with all the best security. Your IT team should be patching your computer automatically and should be rebooting computers weekly to apply patches or have a process to identify if you have not rebooted in a while.
SOLID IT TEAM
All security layers are researched, planned, installed and maintained by your IT team - Don't try to do this alone. Small IT teams less than 10 people can't keep up with proper cyber security.
- Experience matters
- Tool investments matter
- Specific compliance experience is important
- Consistent rhythm for strategic meetings
- Your IT team needs to be protecting themselves
There are always more layers . The first 9 are 99% of what you need
- Add cyber insurance
- It's not that hard or expensive to set up the first It just takes a little investment and will
- Being secure is a good feeling. Being insecure is something to keep you up at night
- If you are in financial services, health care or .. Compliance is critical. Breaches and penalties could cost millions. Get serious about security proactively
Cyber crime is the greatest threat to every company in the world - it might become the greatest threat to every person, place and things. With evolving technology comes evolving hackers our best defense is to stay informed and learn all there is to know about cyber security.
© Alex Markov and Michael Santosusso. Article prepared by the Qualified.One editor Margaret Barnabas.