Cybersecurity defence is a daunting concept. How are you, as a business owner, supposed to make the right choices about how to secure your business against hackers, when you don’t even know how or when they’ll be attacking? Do you really need to look for a cybersecurity company?
With threats ranging from ransomware to phishing and techniques with names like “zero day exploits” and “privilege escalation,” cybersecurity feels like a journey where each step gets you deeper into a quicksand of confusion. Many companies have a hard time figuring out what to do: Do you depend on your current IT resource to get you through? Do you hire a separate cybersecurity company? Do you just do nothing at all, because it’s probably not going to happen to you?
Well, you’ve probably seen all of the statistics. It’s not a matter of if, it’s a matter of when your company will suffer a loss due to an attack at the hands of a hacker. So doing nothing seems like a bad idea, and it is. But what can you do while you try to understand your options?
Well, here are three things you can do to keep the hackers at bay, while you formulate an approach for your business. These steps can be done with no assistance from cybersecurity companies.
1.Turn on 2 Factor Authentication for Everything
Two factor authentication (2FA) is used as a second layer of defense if you log into a service with a new device that the service hasn’t seen before. It’s a great way to make sure that even if a hacker gets your password, either through phishing or finding hacked passwords from other sites, they can’t actually login and steal your data—or worse yet, use your email account to get access to more sensitive things, like bank accounts or your company’s social media accounts.
Most cloud-based services today support 2FA, including Google, Microsoft Office 365, Facebook, Hubspot, Evernote, Slack and many others. You should go through to each and every service, particular ones that you have your entire staff using, and turn on 2FA. You may not be able to force it to turn on 2FA for all of your employees at the same time. In this case you should also make sure that all of your staff does so as well.
When you turn on 2FA, if you have the choice between Token-based or SMS/Text, make sure you use Token-based. Use applications like Google Authenticator or Authy to keep all of your 2FA tokens in one place. This will make sure that even with 2FA turned on, you won’t be inconvenienced.
2. Log Everything
This one isn’t as easy to do as 2FA, but if you have a good IT provider, you should work with them to make sure that all of your servers and services have detailed logs and all of them go somewhere. Logs provide all kinds of information about your systems—for instance if someone has logged in, successfully or unsuccessfully, a log will know about it. Similarly, some logs might tell you who deleted a file on your server or when an upgrade to a piece of hardware happened.
Logging everything won’t protect you from cyberattacks. But it can help to understand how and where you’re exposed. And in the case of disaster, how you were hacked. Of course, if you don’t have logs to review, then you might never know any of these things.
Logging is easy to turn on for most services, and for a good IT provider, easy to store and backup to a central location. It’s a good step that will help you gain traction with cybersecurity defence in the future.
3. Cloud-Based DNS Protection
One of the best preventative measures you can put in place sooner rather than later is cloud-based DNS protection, like Cisco Umbrella DNS. DNS is a simple concept—it’s the Internet service that lets you find servers based on a domain name (like google.com or facebook.com). Just like an index for an encyclopaedia. However, if you put an intelligent system like Cisco Umbrella in as the index, it can block people from going to places that are known as sources of malicious files or phishing links. Cisco Umbrella is one of the most effective ways of blocking all kinds of activities that might lead a hacker to your company. Phishing emails, many forms of malware, and fake links all use DNS to either spread or activate.
One note of warning: DNS protection means that you know what sites your staff are browsing. You won’t see the content itself, but DNS will tell you where they started. For some companies, this may be a privacy or policy issue. For others, this Big Brother approach is justified to keep your business safe.
Perhaps you Really do Need a Cybersecurity Company?
Bulletproof digital security is hard, but doing nothing isn’t the right answer. Any one of our top three actions to secure your business will help fend off attackers. All three will significantly decrease your attack surface. Still not sure where you should start? Contact us at TSP IT Services—we can show you where to take the first steps to cyber secure your company.