Multi layered defence in an uncertain world
In a recent article we looked at human error and the need for policies and training to help your staff protect your business from cyber-attack and data breach.
These issues are significant and important steps in the process of building a secure infrastructure, one element of the multi layered defence that businesses and organisations must adopt. Nothing is 100% secure and cyber criminals are constantly looking for ways to defeat both the human and technological solutions that are put in place.
So, in what other ways can your business be vulnerable to attack?
Do you have security solutions form leading vendors in place? As the cyber threat landscape grows and evolves it is important to protect your infrastructure and data using enterprise class solutions from suppliers that are acknowledged to be at the forefront of IT security. Budgets are a constant concern but money saved on anti-virus, perimeter and endpoint security will prove to be a false economy if your business suffers a data breach or ransomware attack.
However, as we saw with the WannaCry attacks, paying for world class solutions can be of little help if these remain unpatched and not updated. Make sure that all your security and application software is updated together with that of your operating systems. The updates that vendors issue contain important security patches for the latest known security vulnerabilities.
Make sure that all devices are protected. In an increasingly mobile world securing the office desktops and servers is essential but don’t forget those laptops, tablets and smartphones. These devices are equally vulnerable they often have, or have access to, confidential information. If lost or stolen the consequences can be devastating, if they become infected they will spread that malware once connected to the office network.
Next, let’s look at your data and applications and who has access to what. This is important when discussing both external threats such as malware infections and in the context of insider threats – your staff. Businesses, particularly in the SME sector, don’t pay enough attention to access permissions. Malware can enter the infrastructure via a user’s endpoint and may be able to infect all files that the user has access to, a disgruntled employee could delete, steal or alter all files and folders that they can access.
Staff should only have access to data that they need for their role, this should of course be regularly reviewed, particularly if responsibilities change. Also ensure that when an employee leaves that you have robust termination procedures in place. In this way an organisations’ exposure to cyber-attack and data loss can be limited. A particularly important issue as GDPR comes into force in May 2018 and data access is a critical element.
Remember, focusing on one area of cybersecurity well but failing to address the others is like locking your windows but leaving the doors open.