What steps can be taken to protect your systems and devices?

We have talked at great length about cyber security and the need to protect systems from attack.

The threat of a systems breach is growing all the time and businesses need to ensure they have the right safeguards in place to counter such moves, minimising the risk as far as possible.

Becoming Cyber Essentials certified is a good way of heightening your security. It’s a Government-backed programme which we fully endorse and are heavily involved with, helping businesses and other organisations meet the stringent criteria that enable them to toughen up their security. But there are other steps available.

Measures you should take

We would like to go a little deeper in this blog into the actions you should be taking to ensure basic cyber security measures are in place to protect the networks, systems and devices that you rely on so heavily.

They are important safeguards at all times but become an even greater necessity during periods of heightened cyber threat. To help us illustrate the steps you should take we have drawn on some essential guidance recently issued by the National Cyber Security Centre. We hope you find it useful:

Patching in place

All laptops, desktops and mobile devices used within your organisation and by all staff should be patched, including third-party software like office productivity suites and browsers.

Ensure firmware, internet-facing services and important business systems are patched wherever possible, and have measures in place to adequately cover areas of weakness where unpatched security vulnerabilities exist. It is worth remembering that unpatched security vulnerabilities on internet-facing services are an unmanageable risk.

Tough access controls

Employees must have passwords unique to your business systems that are strong and not shared. User accounts that are no longer used or are unrecognised should be deleted and, if you have Multi-Factor Authentication (MFA), ensure it is configured properly and in accordance with company policy.

Constantly review accounts with administrative or privileged access, ensure they are managed correctly and whenever possible use MFA. Privilege can refer to both system administration and sensitive resources or information, so ensure resources are always adequately protected.
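One way to run the account review described above, as an added example that is not part of the original guidance. The CSV columns, the roster of recognised users and the 90-day "no longer used" threshold are all assumptions, and the sample data is constructed.

```python
import csv
import io
from datetime import date

# Constructed sample export; the column names are assumptions, not a real product's format.
SAMPLE_ACCOUNTS = """username,last_login,is_admin,mfa_enabled
alice,2024-05-28,yes,yes
bob,2024-05-30,yes,no
carol,2023-11-02,no,yes
svc-old,,no,no
dave,2024-05-29,no,no
"""
# Constructed roster of accounts the business recognises (for example, from HR records).
KNOWN_USERS = {"alice", "bob", "carol", "dave"}


def review_accounts(export_text, known_users, today, stale_after_days=90):
    """Return {username: [findings]} for accounts that need attention."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        user = row["username"].strip()
        issues = []
        # Accounts nobody can tie to a person or service are candidates for deletion.
        if user not in known_users:
            issues.append("unrecognised account")
        last = row["last_login"].strip()
        if not last:
            issues.append("never logged in")
        elif (today - date.fromisoformat(last)).days > stale_after_days:
            issues.append("no longer used")
        # Privileged accounts should use MFA whenever possible.
        admin = row["is_admin"].strip().lower() == "yes"
        mfa = row["mfa_enabled"].strip().lower() == "yes"
        if admin and not mfa:
            issues.append("privileged without MFA")
        if issues:
            findings[user] = issues
    return findings


if __name__ == "__main__":
    report = review_accounts(SAMPLE_ACCOUNTS, KNOWN_USERS, date(2024, 6, 1))
    for user, issues in report.items():
        print(f"{user}: {', '.join(issues)}")
```

Accounts that come back with no findings are omitted from the result, so an empty report means nothing needs action under these three checks.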

Are your defences robust?

Antivirus software should be installed on all systems and devices and its integrity checked regularly to confirm it’s working as it should and updating correctly. Check firewall rules are right and investigate any temporary rules that may be in place beyond their expected lifetime.

Monitoring and logging action

Know where your logs are stored and monitor key logs. As a minimum, monitor antivirus logs. Your logs should be retained for at least one month if at all possible.

Backups in place

Confirm backups are functioning properly and carry out test restorations from your backups to ensure the process is familiar and understood. Keep a regularly updated offline copy of your backup available to slot in immediately if your systems are breached, and check that machine state and important external credentials, including access tokens and private keys, are also backed up.

Making a plan

You must have an incident response plan in place. It must be up-to-date and include contact and escalation details – information like who needs to be available to make key decisions, particularly out of normal hours, and the communication mechanisms that will be available even if business systems are not.

Your internet footprint

All records of your external internet-facing footprint must be correct and up to date. This includes IP addresses and domain names belonging to your company, and domain registration information needs to be held securely. Carry out an external vulnerability scan of the entire internet footprint, checking that everything which needs to be patched has been.

Responding to phishing

Make sure staff know how to report phishing emails, and that you have a process in place to deal with the emails they report.

Understanding third party access

If parties outside your organisation have access to your systems, ensure you fully understand the level to which this extends. Delete any access which is no longer required.

Brief your team

Ensure your staff know the risks and threats to your operating systems and that they remain vigilant to the dangers at all times. See that complacency doesn’t set in: make regular training and updates available to staff to help minimise the risk of attack, and make sure they are aware of the procedures they should follow if a threat is identified.

These are all important steps to take in toughening up your security to ensure your systems remain safe from attack. The other vital thing to consider is hiring an expert who will do this for you and advise on any other relevant actions you should be taking – which is where PC Net comes in!

Our experts have a great deal of experience, dealing with these issues on a daily basis, so to find out more about how we can help you call us today on 01743 290588.