Hackers are constantly honing their skills and becoming more dangerous, putting your small business at risk. The standard level of prevention from the past is not enough to protect all technology users today. Avoiding ransomware and phishing emails boils down to three basic approaches:
- Good cyber awareness and end-user training
- Following desktop best practices
- Routine testing of backup and recovery plans
Cyber Awareness and User Training
Good cyber awareness starts with regular password changes. Be certain passwords are over a certain length and utilize special characters. Longer passwords are more effective than short passwords with capitals, special characters and numbers. Using short sentences, known as passphrases, has been shown to be effective.
Have passwords for everything. Remote Desktop Protocol (RDP) accounts are sometimes overlooked, but public-facing servers must have passwords to avoid exposing information to prying eyes. Passwords for RDP accounts should be complex. If it's as simple as "password123," hackers can immediately gain access with a brute force attack.
Phishing is still commonplace. You'd be surprised how much spam floods into private and public-sector organizations. You'd also be surprised by how many people still click on infected emails, PDFs, images, and documents. Did you know that the only "safe" attachment is a .txt file? All others have the ability to become infected?
Routine staff training helps technology users understand the ramifications of clicking without thinking. Be certain they know the sender, that what they received was something they requested, and is in the format they would expect to see it. For instance, a request for report information at an abnormal time (ex. the middle of the night) is a red flag.
Best practices start at the desktop. Keep up with your application patches and updates or you'll risk infection. Once one machine is infected it easily spreads across multiple desktops and connected server resources. Some patches require you to reboot your workstation, so a good practice is to reboot at least once a week.
You also need preventive security technology to survive in today's world. Applications residing in the cloud must have firewalls which are appropriately set, with all unused ports blocked. If this isn't set up, your application is open to be hacked.
Lastly, communication is essential. Be certain you are working with a technology partner that knows what they need to accomplish and when they need to involve additional security professionals to accomplish specific projects. The majority of small businesses will be in great shape implementing these approaches, particularly regular backup and disaster recovery plans.
Testing Backup and Disaster Recovery Plans
Most organizations do not actively test whether their backup and disaster recovery plans will work. They just do the initial setup and assume they will work when needed.
Current backup systems and the cloud make it simple to back-up, take snapshots, and replicate objects to other regions and accounts. This adds layers of disaster recoverability that will benefit any organization getting back on its feet after a cyber disaster. Maintaining a current, complete backup is one of the best ways to minimize downtime after malware events.
These three practices may not completely protect you from an attack, but in my experience, they're the difference between a small amount of inconvenient downtime and a high-dollar IT system rebuild.
Talk to your IT Support Provider
Other steps such as two factor authentication (2FA) are also helpful to keep cybercriminals at bay. The IT environment is constantly evolving and changing. Working with your IT provider on a regular basis will keep you aware of possible updates and maintain the security of your environment.
For assistance securing your business against hackers, contact CoreTech today.