Companies across North America are struggling to keep their businesses moving forward while at the same time providing new remote working capabilities for their employees. While this may be an opportunity to gain productivity through new technology, some hackers and other bad actors also see an opportunity to deploy new security attacks on end users.
Unfortunately, many companies could suffer an increased threat level as cyber-attacks and social exploits find new targets as workers move to home systems. It it critical for your IT teams to more vigilant than ever in protecting your systems and environments, as well as communicate clear policies and procedures for your employees who work from home.
There is no shortage of creativity when it comes to these new threats:
- Fake COVID-10 outbreak maps shared on social media that download malware
- New styles of phishing scams on the increase that harvest user credentials from home systems
- Attacks through open ports, FTP servers and SQL exploits
Some of the most insidious attacks are using worries around COVID-19 to encourage users to click through on malware-laden emails. All of these threat require your team to be more proactive that ever before.
Here are six steps you can take to protect yourself against rising cyber-crime.
1. Let Tridex Systems Conduct a Security Audit
An important area we help our clients with involves the control of their network infrastructure with VPN, firewalls, intrusion detection, email security, encryption and the development of security policies for your team. With everything you’re trying to manage right now coupled with the increase in cyber-attacks, it can be very difficult to keep up on the latest in security. That’s where the experts at Tridex Systems can help with a security audit.
When we conduct a security audit for our clients, we identify the weakest parts of your system and design policies and procedures for you to avoid the worst security breaches. We’ll look at things like threat management capabilities, compliance, remote working access, keeping your systems and OS up to date, web security, routers and VPN, network health and security, malware protection and more.
2. Raise Awareness of Cyber Security With Your Employees
The majority of attack attempts come from scams directed at end users. Many people in your organization may simply not know the basics about safe computing. They aren’t aware of phishing or email scams, issues with web-conferencing software or messaging app exploits. They can be the most vulnerable to attacks from scam artists posing as real members of your organization. Many attacks on home users are simply attempts to get to credentials and other sensitive data and contacts through these simple means.
Educating your employees is as important as installing firewalls. Take the time to carefully explain your security policies and procedures to your entire workforce. You might also consider sharing this information with your partners and customers. You may think that your customers don’t care about your security policies, but many of them will feel assured that you are taking the right steps to safeguard you business.
3. Stay Updated on Current Versions
You need to make sure your software, hardware and network equipment is as current as possible to help prevent cyber attacks. All it takes is the smallest hole or weakness in your system to allow hackers inside.
Updating your software and hardware can be arduous, but it’s absolutely necessary. Running old versions is the same as leaving your back door open in your building. You’re practically inviting trouble and access to your most sensitive data.
4. Plan For Backups and Redundancy
Even the largest well run companies are subject to eventual breaches. In the last few years companies like Marriott, Adobe, LinkedIn, Yahoo, Heartland Payments and many others suffered large scale data breaches. While hoping it never happens to your company, you should plan for the seemingly inevitable successful attack. That means planning for redundancy and backups to keep your business running after an attack.
At Tridex Systems, we help you do this by supporting and designing your infrastructure for redundancy and spare capacity. Next, we make sure that you are able to recover and restore the most important elements of your business and data so that you can return to regular business as quickly as possible after an event. We also help you prepare for a number of contingencies that help you deal with extraordinary disasters.
5. Watch Your Physical Security
There are fewer people in your physical location these days. While COVID-19 may be sending many workers home, thieves don’t follow the same rules in their line of work.
When your employees went home, what did they do with their badges and credentials? You wouldn’t leave your house or car keys lying around for thieves to find, similarly you should leave ID cards, payment cards, HR and accounting files, and cell phones or mobile devices unattended and in the open. If your employees didn’t take these items with them, they need to be locked away.
6. Be Smart About User Access
Your employees need access to your systems and data to keep your business running; however, not every employee requires the same level of access. Limiting access to users and roles minimizes risk. Hackers are very adept at hiding network-crippling malware inside of innocent looking documents. Allowing everyone in your organization to open documents, download games or run new untested apps can expose you to a world of hurt.
Even something as simply as leaving your WiFi network unprotected gives an attacker an opening into your network. While they may not immediately reach the most sensitive information through your WiFi, they could have an opportunity to start sniffing around for other openings or users. By requiring password protection on your WiFi network and unique logins for all your systems, you significantly limit a hacker’s ability to breach your systems. It may be annoying to have to change or reenter passwords frequently, but it keeps attacks at bay.
Allowing shared user account increases your threat as well because it exposes shared password to multiple users. It also makes it more difficult to track down the source of a breach. And if one of those employees leaves your company, it can up your threat level even higher.
We’re Here To Help You
Which of these six steps do you already have in place and which will you need to ramp up? Few people in a distribution organization are network and security experts. That’s why we’re here to help you implement any of these six steps as quickly as possible. Please contact us today for a free networking and security consultation.