Reducing Cyber Security Risks with IT – Best Practices for Managing Cybersecurity Threats (Part 3 of 3)
In Part 1 of this series (published two months ago), we started with passwords and multi-factor authentication (MFA), personnel management precautions and processes for protecting an organization’s cybersecurity. In Part 2 (published last month), we recommended some internal procedures an organization can adopt to mitigate cybersecurity risks before they materialize. Today, in Part 3, we suggest some IT-related measures that will reduce cybersecurity risks and help you create a response plan for a cyber incident.
Organizations large and small face cybersecurity threats daily. No amount of prevention can give the peace of mind that a cybersecurity insurance policy can provide.
Please note that we are not IT professionals and what we recommend here is not an exhaustive list. Please consult with your own IT professionals and/or IT staff who manage your IT services for your specific needs. For clarity’s sake, the following advice will be broken up into quick bullet points on some of the best ways to protect yourself from and respond to cyberattacks that may threaten your organization. These recommendations are not regulations, mandates or legal opinions. They provide a brief and incomplete summary of some recommended practices in addition to what was previously discussed in Parts 1 and 2:
- Encrypt all data stored on business computers, phones or tablets and encrypt all sensitive data you send out (e.g., client/patient data, credit card info, etc.).
- Encrypt data for wireless transmission (ideally, via WPA2 or newer encryption protocols).
* Email Spam & Phishing Protection
* Next-generation anti-malware protection
- Keep all operating systems and software up to date (e.g., patches and updates).
- Avoid software from any unknown source.
- Remove or uninstall software that is no longer being used.
* Dark web monitoring
* Migrations and Upgrades
* Security assessment
* Disaster Recovery Planning & Testing
Preventive and Responsive Actions (again, this is not an exhaustive list):
1. Have a plan for when your company is cyber attacked.
- Designate a group of people with the responsibility to handle the attack and choose a leader for that group. The group should have IT staff and an executive to handle both the tech and business side of things. This group will be known as your “incident response” team.
- Create a simple cyber attack response strategy and outline the basic steps by defining critical tasks and creating lists of things that must be done to mitigate damage.
- Define roles and responsibilities so that everyone is clear as to who is responsible for what should an incident arise.
- Communicate to everyone within the organization who to contact if they suspect a cyber incident has occurred (or is occurring).
- Gather after-hours contact information for incident team members and distribute this information to all staff. Consider channels of communications that do not involve business-provided phones and emails.
- Schedule routine backups for your business computers and test them periodically to ensure they can be used.
2. Properly get rid of old hardware that may still have important software containing sensitive business or personal data on it. (Delete all files from the device’s storage and physically wipe hard drives…ideally, wipe disks to DoD 5220.22-M standards.)
3. Keep the security software on all your devices updated, such as your antivirus, firewalls and/or other security programs you have installed.
4. Use systems that give you the ability to remotely erase or find a device and protect you from cyber attacks. This is known as “Mobile Device Management” (MDM).
5. Only do business on a secure wireless internet connection, like at your office or using a company provided VPN. Avoid doing business on public Wi-Fi.
We’d like to address a few areas in some more detail:
Online Banking & Internal Procedures
When you bank online,
- Use a secure browser connection (indicated by “https” and/or a lock visible in the address bar or in the lower right corner of the Web browser window).
- Use the incognito or private mode of your web browser.
- Delete your internet history, cookies, browser cache, and temporary Internet files once you’re done.
- Apply Multi-Factor Authentication (MFA) if your bank’s online site supports this.
- For certain types of transactions (e.g., high-dollar transactions, etc.) have a protocol in place that does NOT allow a single person to be able to both start and complete a transaction…some other person’s approval should be necessary.
- Set a limit on how much can be transferred out of your bank accounts (again, without some sort of approval process…ideally over the phone).
- Require two executive signatures before wiring money overseas. (Again, it’s a good idea to require verbal approval as well.)
Identify Every ‘Thing’ (Devices, Sensors, Systems etc.)
When a company builds a quicker and increasingly refined system, many devices are digitally interconnected to share data. This interconnection is known as an Internet of Things (IoT) infrastructure. It’s important that every device, or “Thing”, has its own unique identity for its connection to the IoT infrastructure, because that identity can provide encrypted transmissions and device authentication to other users, “things” and services.
Firewall Security for Your Internet Connection
A firewall can stop unauthorized access to your private network by watching over the data you receive and send. A firewall is customizable, letting you choose what data enters your computer and/or network and what you want it to stop.
Firewalls are designed to prevent unauthorized access from an UNTRUSTED network (such as the Internet). You can create a set of rules on your firewall so that it knows what to allow in and what to block out. For broadband Internet access, install and keep operational a hardware firewall between the internal network and the Internet.
Leverage the Cloud
Outsourcing the storage and protection of data to a cloud service is a common practice by small and medium businesses. If you go this route, be sure that you know all the details given to you by the provider regarding how they store and encrypt your data and where their data centers are located.
Among the threats to email, phishing is one of the big ones. Some of the solutions include encrypting messages and enabling verification of the origins of messages to make suspicious emails easier to notice. When looking at security options, check that the program’s user interface is easy to use.
Regularly Updating Internet Security Solutions
Regularly update firewalls, antivirus, and other Internet security solutions covering all digital devices, from desktop computers to smartphones to tablets, as well as home systems that employees may use for business.
Cyber Liability Insurance
Standard insurance policies don’t normally cover the loss of data; this is where cyber-insurance comes in. You also need to ensure you are covered in case your business experiences some downtime. We at Rick Callaway’s Team of Pacific Diversified can sit down with you and strategize coverage policies that will ease the cost of data recovery, financial losses due to server or network downtime, breach of third-party data and other expenses related to compliance and breach notification due to a cyber attack.
We are the extra milers in protecting your businesses. We also offer all other kinds of business insurance, to protect your assets, employers and employees. Call us: 925 788 5558 Email: firstname.lastname@example.org
Many thanks to Danny Cota of https://gsdsolutions.io/ for valuable IT advisory input and editing. GSD Solutions, based in Mountain View, CA, provides organizations with all aspects of managed IT services with experience, expertise, and excellence. Phone: (888) 345-4032 Email: Sales@GSDSolutions.Io