<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=163836&amp;fmt=gif">

email info@cwlsystems.co.uk   0845 880 1285

email info@cwlsystems.co.uk  Mobile icon 01480 217777

facebook

qqq

    2017

    How to Improve Network Security and Protect Your Business (+DOWNLOAD)

    by CWL Cyber Security 0 Comments

    There are many ways you can improve network security to better protect your network against cybercrime. Read our recommendations, then download the free cybersecurity pack.

    Understanding that you need to improve network security means you have already taken the first step to protect your network against cyberthreats.

    One of the biggest cybersecurity problems small businesses suffer from is ignorance. Hackers and criminals are happy to steal all kinds of information from your business, in all sorts of ways.

    If you use email to communicate, a website to promote your business or the internet in any capacity then your business is at risk from cybercrime. And, if you hold data, take payments, interact with other companies or even have a business bank account, you have something that criminals want. 

    Small businesses are far from immune from cyber threats. In fact, because they pay relatively little attention to their security in comparison to their larger counterparts, many criminals see them as an easy target.

    How to improve network security and protect your business

    The ignorance many small businesses suffer from, however isn't just restricted to understanding the threats they face, but includes how they can protect themselves as well.

    • Updates. All your computers, tablets, servers and any other devices your company uses should be kept up to date with the latest security patches and fixes.
    • Passwords. Never leave any password on its default setting. Ensure employees change their passwords regularly. Change relevant passwords when an employee leaves and advise employees that passwords should be made up of at least three random words, with upper and lower case letters, numbers and symbols making them even stronger.
    • Employee education. Educate employees about the risks they are exposed to such as social media scams and malicious email attachments.
    • Anti-virus software. Make sure any device that connects to your business network or is used to access business data has anti-virus software, even if it’s an employee’s own smartphone. No exceptions.
    • Risk assessment. The government’s Ten Steps to Cyber Security says, ‘assess the risks to your organisation’s information assets with the same vigour as you would for legal, regulatory, financial or operational risk’.
           What do information assets look like? It all depends on your business but they can include:
    • Client lists
    • Customer databases
    • Your financial details
    • Your customers’ financial details
    • Deals you are making or considering
    • Pricing information
    • Product design or manufacturing processes

    Whatever assets you have, think about where they are stored and who has access to them to build up a picture of your potential attack surface.

    • Keep it need-to-know. Restrict access to valuable or sensitive company data. Transparency with employees is important but not everyone needs access to customer financial records and very few employees need the password to your website server.
    • Filter network traffic. Simple ‘allow or deny’ policies on applications and websites are no longer viable: people expect flexibility at work and often need it to do their jobs effectively. Advanced firewalls, like those from Palo Alto Networks, allow you to set rules at a much more granular level, for example you can let employees access private email accounts, but block them from sending any attachments from those accounts.
    • Encrypt data at rest and in transit. Keep access to the company network secure, ensure any data sent to or from the network is encrypted and keep stored data 4 encrypted so that if there is a breach, criminals can’t access anything valuable.
    • Assess cloud vendors’ security policies. Beware and double check credentials and contracts before you start uploading data to or connecting your in-house systems with cloud services.
    • Use SSL certificates for transactional websites. SSL certificates validate your business identity, proving to customers that your website is owned by a legitimate business, and encrypt the data exchanged between a visitor and your site.

    Protecting your network isn’t just about ticking off the basics though; there are important business arguments for good IT security management and maintenance. Doing the minimum is good, but doing a little more is better for business.

    Thought you were safe on the cloud? Find out why cloud backup should be the next thing you do.

     

     

     

     

     

    The business benefits of cybersecurity

    ‘Cyber crime is a clear barrier to growth for small businesses, particularly considering the enormous growth potential in the future from ecommerce.’ —FSB Cybersecurity and Fraud Report.

    Understanding and protecting yourself from online threats means building a solid foundation for growth. A data breach or malware infection doesn’t just affect your IT; it affects the whole business, from finance to customer services and beyond.

    Customers and business partners want assurances that you are doing all you can to keep your business (and by default their data) safe and, more than reassurance, some industry and government regulations demand you reduce the risk and potential impact of a data breach or cyber attack. Fail to do so and you could face serious financial fines and irreversible reputational damage.

    ‘Business leaders need to make sure they are protecting what is most critical to their organisation’s growth and reputation,’ says Andrew Miller, PwC information security director.

    And of course, with the average spend on Information Security on the increase in small businesses, you don’t want to find yourself left behind.

    We look at 7 ways poor data security could be putting your business at risk.

     

    Taking it to the next level: how to protect your network

    Once you’ve got the basics covered, there are three main principles you need to follow to ensure you close the gaps and maintain security:

    Resilience planning 

    Every business should be prepared for when, not if, they suffer some kind of IT breach or attack; there’s no cybersecurity silver bullet to keep you completely safe. You can, however, minimise the impact of a security incident by sorting out your incident response plan and disaster recovery capability before you need it.

    • Make sure employees know their roles in the event of a breach
    • Keep an up-to-date list of the relevant bodies or partners that need to be informed or who can help
    • And know what to shut down or monitor, for how long and what impact it will have.

    Also consider backup and failover systems. If you are an online retailer, for example, and your webserver gets infected what are you going to do? How will you keep customers informed of what’s going on?

    Monitoring

    Cyber threats have become increasingly stealthy in recent years. Often, criminals don’t want to cause mayhem or take your systems down, they want to lurk on your network, learn useful information that will help them with an attack and smuggle out valuable data. This is why monitoring is so important.

    You need to know who is using what applications and what they are doing with them. Logging network behaviour with log aggregation software allows you to track and spot unusual behaviour that could indicate a breach and monitor, in real time, the 6 health and status of your systems. Also make sure you run regular malware and vulnerability scans.

    Review and adapt

    Finally, since criminals are always evolving, your security policies and procedures should evolve to. Be sure to regularly review:

    • How effective your expenditure is
    • If the nature of your business has altered its risk level
    • If growth has meant security policies are no longer relevant or practical
    • If the technology and processes you have are still up to date in relation to the greatest threats
    • And simple things like who has what passwords, and when they were last updated.

    It’s a lot for non-technical managers to learn and a lot for IT managers to do. That’s why, when considering how to improve network security, we recommend getting professional help to lighten the load and help ensure that you’re covering all the bases.

    New Call-to-action

    CWL

    About Author: CWL

    Related Posts

    The Government approved Cyber Essentials scheme includes five technical controls that help protect ... Read More

    Two is often better than one – and that’s definitely the case when it comes to authentication ... Read More

    Read more on how  CWL are working with Clear Channel International to achieve thier digital ... Read More

    Leave a Comment

    REQUEST A FREE CONSULTATION

    Are you looking for IT support for your business? Request your free consultation now.

     

    Let's Talk

    REQUEST A FREE CONSULTATION

    Are you looking for IT support for your business? Request your free consultation now.

    Let's Talk