The year is 2020, and the Sinister Scammers are hastily taking rein of networks from all corners of the internet. Closing in on unsuspecting businesses, invisible to the naked eye.
Your business is in desperate need of a cybersecurity superhero to defeat the Sinister Scammers and return peace and security to your network.
Could YOU be that hero?
Follow our guide ‘7 more steps to become a cyber security superhero’ and learn how to protect your business from harm’s way.
- Up your armour and sandbox your web surfing
Allowing your team to visit any website they wish can have serious consequences for the security of your system. Whether they go direct or a via a link in a website, the consequences of even just arriving on a malicious site can be quite severe.
Make sure all your web surfing is protected by a “sand boxing service”.
Using a sand box will mean that your web traffic will be redirected initially to a test site (or a sand box), which will check to make sure there is no malicious code in the site you are trying to visit. It will also check to make sure the site is not on industry blacklists of dubious internet locations. All of this happens in a fraction of a second. You won’t even notice, but you will be protected.
- Faulty backups: The kryptonite of cybersecurity
Your business may already have a backup system in place, but how often is it tested? This is something that many business owners neglect; however, it’s imperative to ensure that systems are tested regularly. Most experts advocate for testing at least once a year and whenever there's a substantive change to the business or technology infrastructure.
If you don’t have the time to do a backup yourself, there are many reputable suppliers who can do this for you.
Finally, it’s vital you have business continuity and technology disaster recovery plans in place.
- Mask your identity and use different passwords for external sites
In business, you will often need to register for products and services online - where you’ll be asked to submit a username and a password. Whenever you do, you must use a username and password that is different to the ones which you use to log in to your own local system.
Once you have registered your details to an online site, you have no control over how that information is shared. If that external site is hacked, and you used your local system’s username and password, that information will be available to hackers and scammers - and your local system will be vulnerable to attack.
- Warning – being in the cloud doesn’t mean it’s backed up
Some people think that storing data in the cloud means that it is backed up – unfortunately, this isn’t the case. Storing data online is just like storing it on your own PC. If anything happens to that data: if someone deletes it, if the server it is stored on malfunctions, or if you get a virus - you’ll lose it for ever. This applies to even the recognised services like email on Office 365.
Make sure that you have a reliable backup routine in place for all your online data.
- Defend your bank account with the small money test
Be very careful who you send money to. If a new supplier asks for a big sum of money, or an existing supplier changes their payment details - make 100% sure that you are sending the money to the correct place. If in doubt, transfer a small amount of money to the supplier first and verify that they have received it safe and well. Make sure you talk to someone whom you know and trust to verify they have the small amount of funds BEFORE sending the remaining (and much bigger) balance to them.
- Enforce a ‘personal use’ policy
You must have a policy which details how your team’s personal devices are allowed to be used on the company network. Things like personal smartphones, tablets and laptops can cause significant network damage, as they often don’t have business-grade security systems and software installed.
Create a policy and make sure it is managed properly.
- Rollbacks – the real hero of the hour
Users shouldn’t really store data on their network laptops and PCs - but they often do. User devices are also often where a virus begins before it spreads to the network. When this happens, all of the data on the user’s device is at risk and it may need to be totally rebuilt - which can be time consuming and costly.
Protect yourself by installing rollback software on your network PCs and laptops. It’s often available as an add-on to virus protection software. If anything happens to your PCs or laptops, you can quickly return them to exactly how they were just before the incident happened.
- Protect your digital universe with a guest network
Organisations frequently grant visiting users access to their networks - often for internet and Wi-Fi access. Most modern routers and firewalls allow for the creation of a guest network which isolates guest traffic, keeping it separate from the company’s main network.
Create a guest network to allow internet access for visiting users while keeping all such traffic away from your company’s main network - reducing the chances of network infection.
From time to time, every cybersecurity superhero needs backup. BTP would like to introduce ‘The Tech-Men’ – a group of highly-trained cybersecurity superheroes who help small and medium-sized businesses protect their IT infrastructure from The Sinister Scammers.