What is Cyber-security?
Cyber-security is the practice of protecting computers, servers, mobile devices, electronic systems, networks, and data from digital attacks, theft, and damage. These attacks can come in the form of viruses, worms, Trojan horses, ransomware, spyware, and other type of malware, as well as phishing scams and other forms of cybercrime. Cybersecurity is important because it helps to keep our personal and sensitive information safe, as well as ensuring the integrity and availability of systems and networks that we rely on in our daily lives.
Small businesses are often targeted by cybercriminals because they may not have the same level of security measures in place as larger organisations. This makes them an easier target and can result in significant damage if an attack is successful. As small businesses often have limited resources and may not have the personnel or financial resources to recover from a cyberattack, a successful attack can disrupt business operations, damage the company's reputation, and result in financial losses.
If your business handles sensitive customer or client information, such as financial data or personal information, and this information is not properly secured, if accessed by hackers it can result in not only a data breach, but legal liability for your business.
Concerned about cyber-security for your business? You should be. Cyberattacks do not discriminate on the basis of company size or industry, and they can be as formidable as any financial operation or reputation risk a company will face.
Instead of leaving your data, network, and business assets at risk, you can be protected with cutting-edge technology and human talent, both on the outside, and on the inside. Cyber-security also forms the basis for many compliance related issues such as GDPRm and may even void insurance if not properly exercised. You do have cyber insurance right?
Protecting Your Business from Cyber-attacks
- Use unique and complex passwords for all accounts (consider using a password manager), and enable two-factor authentication to add an extra layer of security.
- Keep software and devices up to date, install security updates as soon as they become available to fix vulnerabilities.
- Use a firewall, a firewall can help protect your network from external threats by blocking unauthorised access.
- Antivirus software can help protect your devices from malware and other threats by identifying and removing them.
- Be cautious when opening emails and downloading attachments, be wary of emails and attachments from unknown sources, as they could contain malware.
- Educate your employees, make sure they're aware of cyber-security threats and how to identify and protect against them through User Awareness Training.
- Back up your data regularly; back up your important data in case your systems are compromised.
- Use a virtual private network (VPN) when connecting to the internet, particularly when using public Wi-Fi.
- Consider purchasing cyber-security insurance to help protect against financial losses resulting from a cyberattack.
- Implement strict access controls, such as requiring employees to use unique login credentials and limiting access to sensitive data; only give employees access to the information they actually need access to.
Have an Incident Response Plan
An incident response plan is a set of procedures and guidelines that an business follows when responding to a cyber-security incident. It outlines the steps that should be taken to identify, contain, and remediate an incident, as well as how to communicate with relevant stakeholders, such as employees and customers.
An incident response plan is an important part of any business's cyber-security strategy as it helps to protect against the potential impacts of a cyber-security incident. Having an incident response plan is important for several reasons:
- An incident response plan helps to ensure that the appropriate actions are taken quickly to minimise the impact of an incident on your business.
- A well-executed incident response plan can help to keep your business running smoothly, even in the face of a cyber-security incident.
- An incident response plan can help to mitigate the damage the reputation of your business by demonstrating that you are taking appropriate steps to address the incident.
- Depending on your industry, you may be required to have an incident response plan in place to comply with regulations or standards.
How Can Sheridan Computers Help?
Sheridan Computers can provide a range of cyber-security services to your businesses as part of our Managed IT Services; these services include things like threat monitoring, security incident response, security assessments, and much more, for example:
- Managed firewall services: Managing and monitoring your firewall to ensure that it is configured correctly and providing the necessary level of protection.
- Managed intrusion detection and prevention: Monitoring your network for signs of a security breach and taking the appropriate action to prevent or mitigate the incident.
- Managed security information and event management (SIEM): Collecting and analysing security-related data from your systems to identify potential threats.
- Managed vulnerability management: Identifying and addressing vulnerabilities in your systems to reduce the risk of a security breach.
- Managed Endpoint Detection and Response (EDR): Continuous monitoring of your endpoints (devices) for signs of security threats, such as malware or unauthorised access, and taking appropriate action such as quarantining suspicious files, or blocking malicious network traffic.
Solutions We Can Provide
If a malicious piece of software manages to find its way on to your desktops, or your servers, serious consequences can arise. The nature of the threat can vary in many ways such as destruction of data, a common attack vector being ransomware. But what if your data is exposed? This could have serious legal or professional implications.
The threat of ransomware is getting worse, rather than simply asking for money in return for your data (which can be an inconvenience but easily resolved in most cases via your backup and disaster recovery plan, bad actors are now requesting money in exchange for not releasing your data to the general public, which could have serious financial implications, the least of which being your competitors having your information.
Certain operating systems such as Windows 10 have anti-virus built in, which is comparable or even better than that of many third-party anti-virus solutions. The anti-virus software built in to Windows 10, Windows Defender, is an excellent product, even more so with optional add-ons such as Advanced Threat Protection.
Wait what? That's right, Windows Defender is an awesome product but you have to manage it yourself and keep on top of it yourself, which in a business environment with many machines can be a headache many business owners just don't want, or have the technical expertise to deal with. This is where managed anti-virus solutions such as those provided by our Managed IT Services come in to play. If your systems are protected by managed anti-virus software from Sheridan Computers our teams are notified of any threats and able to respond and ensure any threats detected are removed, much of the time without any knowledge or interaction from users.
DNS protection works by attempting to prevent access to malicious external sources such as websites. When visiting a website it's location on the internet has to be looked up to determine where abouts on the internet the site lives, the technology which handles this is known as DNS which translates human readable website addresses to internet addresses. DNS protection systems have black lists of these addresses which can then be blocked at the perimeter level.
In addition to preventing access to malicious external sites, DNS protection can also serve to prevent access to categories of websites such as those serving adult content, social media websites or external email providers.
A firewall is a barrier between your business network and the internet, a vital component in your businesses IT infrastructure. Firewalls help mitigate the threats that arise by giving systems, and people, access to the internet.
Your average off-the-self router/firewall is unreliable, has limited functionality and potentially multiple software vulnerabilities. Commodity router/firewall manufacturers don't any incentives in patching software bugs, performance problems or even serious security holes. It's all about money, and there is just no incentive from manufacturers.
Having a managed firewall solution from Sheridan Computers gives you piece of mind that your firewall is being actively monitored 24x7 365 days a year, software patches will be applied as they are made available.
Intrusion Detection Systems
An intrusion detection system (IDS) is an system that monitors the network traffic on your business network for known exploits, threats, and suspicious activity. Upon being triggered by an event, the intrusion detection system will alert network administrators to allow them to respond.
Intrusion Prevention Systems
An intrusion prevention system (IPS) works and hand-in-hand with IDS systems and provides an automated way to block detected threats before they hit your network.
Endpoint security is the second line of defence after perimeter security, and the first line of defence for internal security. Systems should be secure on their own without having to rely on edge devices. While edge devices such as firewalls and IDS/IPS systems will help protect from external threats, they cannot protect you from internal threats, whether they be threats that have breached perimeter defences, or threats arsing from internal bad actors.
Software Updates and Security Patching
First and foremost, the most important part of endpoint security is keeping desktops and servers secure. The simplest, most efficient, and cost-effective way to implement is by keeping servers and desktops up-to-date. For example, operating systems, such as Microsoft Windows, have patches released on a regular basis; in the same respect so do application vendors such as Adobe. It is important to be aware of patches as they are released and implement them as soon as possible for the best line of defence.
Web protection works in addition to anti-virus software attempting to block access to external sources before threats can be downloaded to your systems, similar to DNS protection mentioned above but on an endpoint level, and just as important. Web protection also scratches other itches such as content blocking (preventing access to adult or inappropriate websites), a service also provided by our managed service offerings.