Cyber security best practices for CTOs in 2020

Cybersecurity best practices for CTOs in 2020

The chief technology officer (CTO) ensures that a company’s IT infrastructure and processes support the goals of the organisation. They’re primarily focused on implementing new technology, but protecting the company from malicious threats is also a key responsibility.

Cyberattacks in Australia are growing at an unprecedented rate, targeting companies with a high degree of success. In fact, the Office of the Australian Information Commissioner (OAIC) found that 537 breaches were reported between July and December 2019. This was a 19% increase from the previous six months’ total.

To mitigate these risks, CTOs must employ eight cyber security best practices.

Stay on top of software updates

The first step to protecting your organisation is to get on the latest technology and patch your systems regularly. Cybercriminals are always finding new ways to exploit vulnerabilities, which puts companies at greater risk the longer they use outdated software.

Computers running on outdated Windows 7, for instance, don’t stand a chance against sophisticated malware and cyberattacks built for modern operating systems. Developers like Microsoft also stop supporting and securing products after several years, so older products are likely to be attacked. By patching everything, from operating systems to productivity apps, you can cover your business against the latest threats.

Patch management software keeps track of all your software and automatically distributes updates to all company-registered devices. This way, you don’t have to manually install the latest patches on every device and application your employees use.

Secure user credentials

Most data breaches reported to the OAIC are attributed to compromised credentials, whether it be through phishing or brute force attacks. Given these findings, CTOs must ensure users are adequately protecting their accounts.

An effective way to do this is to promote good password hygiene. This involves setting at least 12-character long passwords (or passphrases) unique to each account. Password managers are great for enforcing these habits, but not every solution is built the same. Generally, you want a local password manager that integrates with company apps and syncs between laptops and mobile devices. It must also be heavily encrypted and have a solid track record against data breaches.

However, to better secure user credentials, CTOs must go beyond passwords and use multifactor authentication (MFA). This protects accounts by adding an extra step such as a fingerprint scan, making accounts significantly more difficult to hack.

Apply stringent access controls

Every user in your company should only have access to the apps and data they need to perform their jobs. To achieve this, you must implement strict access restrictions based on the employee’s role, device, and location.

Security solutions like Duo allow you to set dynamic policies to prevent unauthorised access to sensitive apps and data. For example, you can program the software to block login attempts if users are attempting to access corporate accounts through unregistered mobile devices. You can also deny access if employees don’t have the right authorisation level or if they’re logging in from an unsecured network.

Centralise security management

Consolidating security into a central console is crucial when your company uses cloud computing and mobile devices to enable remote work. Failure to do so means you won’t be able to maintain and monitor your company’s IT environment efficiently.

A unified threat management (UTM) system provides fine-tuned control and visibility over company devices and applications. It allows you to manage security functions like firewall controls, software updates, and user logins at a company-wide scale. It even lets you monitor user activity and device usage so you can enforce security policies and identify threats early.

Install multilayered security

The smartest businesses don’t solely rely on basic antivirus software to deter threats; they incorporate several layers of protection. UTM, MFA, and access management safeguard your accounts and data, but there are other security solutions to consider as well.

Strong firewalls and web filtering software are essential for protecting your network from harmful websites and network intrusions. Endpoint security systems identify and remediate vulnerabilities in devices that hackers may exploit. Finally, advanced threat prevention looks for potentially malicious behaviour, like unusual login attempts or large data transfers from a device. Investing in these solutions early can save your company from the hefty financial and legal costs of a security breach.

Encrypt your data

Encryption converts your files into indecipherable code, preventing outsiders from viewing or tampering with your data. To ensure the integrity and confidentiality of your files, encryption must be applied to data when it’s in storage and in transit.

First, migrate your data to cloud storage platforms like Microsoft Azure and Office 365. These offer high-level 256-bit encryption, which no supercomputer can crack within a reasonable time frame. Next, to secure data in transit, have your employees connect to a reliable virtual private network (VPN) like ExpressVPN. This obscures web activity from hackers, so they can’t intercept data travelling between devices and web servers.

Provide security training

Last but not least, you must train your employees to be vigilant. No matter how powerful your cyber security framework is, it can be easily undermined by reckless employees. Those who fall for phishing scams, access suspicious websites, and freely disclose sensitive information are huge liabilities.

Dedicate a couple of hours a month teaching employees about online scams and proper data sharing etiquette. Also, supplement your team’s security training with practical exercises and simulated phishing attacks to prepare them for real-world scenarios. These go a long way to minimising the risk of data breaches.

Defending against cyberattacks is a constant challenge for CTOs, but practicing the fundamentals is key to being hacker-free. Here at Empower IT, we provide the best security tools and services that leading Australian managed IT services providers offer. If you need cloud security services, endpoint protection, and even security training, just call us today.