Hackers are improving their methods and unearthing flaws in different levels of computer networks. In the last year, we’ve witnessed multiple threats; including worms, malware campaigns, data breaches, and insider attacks. And 2017 isn’t looking much better after several companies fell victim to WannaCry ransomware; an encryption-based malware that has already affected more than 300,000 computers in 150 countries.
In response, many panicked organisations are buying antivirus solutions, thinking it alone can keep them safe. But that’s a dangerous mindset. Although antivirus is an essential tool for protecting your computers against specific threats; it’s just one component of an effective security model. The best way to guarantee your business’s safety is to deploy a multi-layered security strategy; that’s equipped with the following:
Network firewall and threat detection
When you connect to the internet, you need adequate security controls against network-based attacks. Unlike other threats; network intrusions send malicious payloads to compromise systems remotely and spread within a network automatically.
The first line of defence against these threats is a strong firewall. Simply put, firewalls use rules to control incoming and outgoing network traffic; allowing employees and their computers to access only trusted networks while denying access to known malicious websites or services. This is an essential component to any security strategy and must be updated regularly to block emerging threats.
To complement your firewalls, you’ll also want intrusion prevention systems (IPSs). A bare-bones firewall blocks traffic based solely on whether it is known to participate in suspicious activity. But sometimes, hackers find ways to deliver their payloads from “trusted” sources and IPSs scan every byte of data to look for known red flags — even if it appears to come from somewhere safe. If malicious content is detected; IPS immediately stops it before it reaches your operating system. When paired with firewalls, you can filter out a broad range of attacks, including denial-of-service, browser, and brute-force attacks.
Email spam filtering
One of the most common cyberattacks are phishing scams; whereby hackers send fraudulent emails to trick users into downloading dangerous file attachments or giving away their login credentials. Email/spam filtering solutions help you avoid these attacks by examining the body, subject line, and file attachment against an extensive cloud database; and blocking emails that contain phishing elements.
The next layer of defence focuses on protecting desktops, laptops, and mobile devices. Hackers attack these systems by exploiting software vulnerabilities, URLs, and seemingly innocuous file downloads to sneak in malware.
In this situation, antivirus software is absolutely essential. If malware does manage to bypass your network security layer; antivirus products are backed by security intelligence to identify and quarantine known viruses, worms, and Trojans. However, endpoint security doesn’t stop once you’ve implemented antivirus software.
Application whitelisting — a solution that allows you to determine what applications are and aren’t allowed to run on workstations; can prevent suspicious software from running in the first place. Meanwhile, keeping applications, operating systems, and security products up to date is a good habit to protect your endpoints from the latest exploits. For instance, WannaCry ransomware could have been easily avoided if; users had just updated their Windows computers back in March.
Access and authentication policies
Airtight access management plays an important role in mitigating data breaches. For one, you can control which user (or users) can access specific files or applications; preventing them from leaking company secrets, whether intentionally or accidentally. This also limits how much hackers can access if they ever manage to steal an employee’s username and password.
In addition to access management; enabling multi-factor authentication whenever possible will reduce the likelihood of account hijacking. Other than login credentials, users must also provide another authentication factor like a biometric scan or a temporary security key sent to their smartphone, making it more difficult for hackers to steal everything they need to enter your systems.
Should the hacker circumvent all your network-based defences; data encryption systems will be your last stand. This mechanism converts files into undecipherable code; and can be decrypted only by authorised parties. When encrypting your data; make sure 256-bit Advanced Encryption Standards are applied to both data at rest and “in flight”. Your managed services provider should also offer Transport Layer Security (TLS) to secure data transmitted from applications and web browsers.
While all the protections above are crucial; you shouldn’t neglect the physical security of servers, desktops, and external hard drives. After all, it doesn’t take a genius hacker to break into an unlocked server room and drop malware onto your office network.
The solution to this is as easy as locking cabinets, limiting access to server rooms, keeping track of mobile devices and backup media, and installing surveillance systems to deter cybercriminals. If your files are stored in the cloud; ask your provider for proof that their facilities are secure and request for a record of who has access to your cloud servers. At the very least, this will give you some peace of mind.
Last but not least; don’t overlook what may be the most vulnerable layer of all: your employees. Plenty of malware attacks have been successful because someone clicked on an unsolicited link or stumbled into an ill-intentioned website. Secure this layer by providing comprehensive training that focuses on encouraging cybersecurity best practices; raising awareness about new attacks and phishing scams, and explaining the importance of setting strong passwords. At the end of the day, employees who play an active role in your company’s security can be as strong as any antivirus software.
Overconfidence in one security solution is an ineffective defence. Hackers will, unfortunately, discover multiple methods to steal, destroy, or ransom your company’s assets. As such; a layered security approach is the only way to keep your business safe.
There are literally dozens of elements and products to consider when implementing a multi-layered security strategy. To make sure your company has all the protections it needs; contact Empower IT today. We will provide you a risk and vulnerability assessment; to determine what your business needs and install the right tools to eliminate your weaknesses.