by Don Nokes | It’s October, … Halloween is the first (scary) thing to come to mind. But in our business, we think of something equally scary: National Cybersecurity Awareness Month.
When addressing the vulnerability of your company’s private information and day-to-day operations, there are usually two major strategies to shore up your data and protect against hacks: the first focuses on controlling your users and the second leverages cybersecurity protection installed by your IT team.
As to the former, we know that the most common way systems are breached is when a member of your team, who has credentials into your systems, inadvertently divulges those credentials through a social engineering tactic. That’s why we focus on your users.
Beyond your user-focus is the organization-wide strategy including the installation of systems and software by your IT team designed to prevent a sophisticated hacker finding a vulnerability in your network and exploiting it to gain access.
To protect your data, you need to approach the battle on those two fronts.
The User-Focused Solution
Protection from a breach requires unswerving (aka company-mandated) participation from all authorized users within your team. When an organization’s personnel does all they can do as users, it affords another level of security that just can’t be obtained by technology installations alone.
This approach usually includes:
- Quarterly security awareness training for all users
- Diligent, secure password management
- Conscious protection of personal information
- Ignoring of suspicious looking email that is likely spam
- Commitment to use multi factor authentication (MFA)
- Encryption of sensitive documents
Systems and Software
The organization-wide systems and software intended to protect your data should be handled by your internal IT guru or external managed IT support vendor.
These tactics usually include:
- Using a “hardened” firewall
- Installing and maintaining Endpoint Detection and Response (EDR) software
- Requiring complex passwords and password management app
- Diligent updates of operating systems, applications and web browsers
- Maintaining and regularly testing an appropriate backup and disaster recovery solution
- Requiring MFA for all users
Take Action For Critical Security Measures
When all of these strategies are meticulously employed, you dramatically improve the protection of your organization’s data and day-to-day operations. However, if you scrimp on any one of these standard tactics, you are providing a massive opening for a hacker to infiltrate your systems.
Celebrate National Cybersecurity Awareness Month at your workplace by reviewing the two-step approach to protect your data. At NetCenergy, we’re happy to provide a no-cost, no-obligation visit to help you understand how safe your data is. Trick or Treat.
Don Nokes is the president of NetCenergy. Reach out to him directly here.