No business is too small not to be a target by cyber criminals. Therefore, being knowledgeable of the cyber security best practices for businesses in Kenya will greatly help protect any company from the risk of cyber-attack. Moreover, we have highlighted a framework which will any company to reduce the risk of cyber-attack. All these cyber protection best practices have not only protected companies from losses occasioned by disrupted service delivery but have also brought savings in time and money.
Cyber security best practices for businesses
Company software remain a key entry point for cyber-attacks. And do you protect your software from such vulnerabilities? Keeping company software updated will help close all the backdoors that might facilitate attackers in their mission. Company software include computer operating systems, word processing applications, payroll software etc. All these software should be updated regularly and if possible allow automatic updates.
All important company files should be backed up and kept in a safe storage. External hard drives can be used for offline backup. Also, backups can be kept in the cloud. Cloud backup works well as part of the disaster planning and business continuity strategy. Thus, should an attack happen the offsite backup will provide something for the company to start over with.
Every device used at the work place should be password protected. Apart from servers and internet wireless access points, laptops, tablets and smartphones should have passwords. When the device is protected by password, even data and files kept inside will be protected.
Apart from passwords, all devices containing sensitive company information should be encrypted. Encryption should be extended also to cloud storage so that access should only be allowed to specific people with the decryption keys.
Multi factor authentication
Having provided password protection for devices, it is also important to introduce multi-factor authentication. Therefore, before any successful login, the user will be required to enter password plus an OTP code. This way, it will be difficult to execute illegal logins even if that person has the correct password.
Wireless network protection
Wi-Fi network security definitely begins at the router level. The first step will be to change the out of box username and password for the router device. Most people prefer not to change the default logins details for ease of remembrance. However, this practice pose a great risk to a company’s network resources.
Also, remember to disable the remote management. However, remote management can be enabled only when a secure link such as VPN has been made available to protect such activity. When the router is protected, even the telephony infrastructure including the PBX telephone system will be protected.
Most cyber-attacks are successful because most employees are not made aware that such threats exist. The only way to create cyber security awareness is through staff training. Therefore a session should be arranged whereby employees will get trained and made aware of the cyber security basics for small businesses. Consistent staff training will help in creating a culture of responsible use of IT devices and install IT security in the company. Most importantly, employees should be updated whenever risks are identified and vulnerabilities pointed out.
Password use guideline
Guidelines should be provided for creating strong passwords. For example, a password with at least 12 characters containing a mixture of both capital and lowercase letters, special characters and numbers will generally be considered strong. And, the passwords should not be shared whether on email or via text message. Passwords should not written on notebooks or sticky notes either. Lastly, applications and software requiring password for logins should have a maximum number of allowable unsuccessful login attempts.
Classify the IT resources
Use the updated asset register to identify and classify the IT assets that require protection. These include laptops, desktops, tablets, servers, printers, etc. Each employee assigned a device must be informed of their personal responsibility towards upholding IT security standards set. Every stakeholder should be aware of the how to handle sensitive company data and actual step in reporting suspected breach.
Protection of the IT resources and devices
Another one of the most important cyber security best practices, is the installation of network security software. Installing a good network firewall will protect the gateway against intrusion. Then, installing an endpoint protection software will protect all endpoint within the corporate network e.g., desktops, tablets, laptop etc. In addition to the installation of the security, regular back up of important files should be encouraged. Also, there should clear protocols for disposing of old IT equipment and eraser of no longer necessary company data.
Detection of an attack
Because there is a system in place for monitoring network activities, detecting an attack activity will be easy. Common network monitoring system include endpoint protection software. When the endpoint security software detects abnormal application behavior or device activity, the system administrator gets notified. Suspicious behaviors include unauthorized login or installation of a potentially unwanted application.
Response to an attack
Immediately an attack is detected, the affected endpoints should be isolated. The immediate isolation of affected endpoint from the corporate network will help in stopping the rapid spread of the malware or ransomware attack. With isolation, even the structured cabling installation infrastructure will be kept safe. Some of the activities at the response stage include; stopping the attacks, neutralizing the threat, and investigation of the cause. Also, at this point firewall protection policies will have to be updated. Policy updates will generally help in hardening the router or the gateway against future attacks.
Recovery from a cyber-attack incident
Following a successful cleanup, the previously isolated endpoints should be restored back to the network. A report should be prepared and shared with disaster recovery team. The post attack report should highlight vulnerabilities areas identified and steps taken to ensure there will be no successful attacks attempts in future. Furthermore, a successful recovery should be communicated too all stakeholders e.g. employees, management team and customers. Also very critical cyber security best practices.
Easy Cyber Security Tips
Suddenly Cyber Security threat has become a big headache among corporate organizations and small business owners alike. These cyber-attacks are no longer limited to financial institutions. Non-banking institutions are fast becoming victims hence the need for cybersecurity preparedness.
See also; best IT Support company in Kenya
Even so, there are several easy cyber security tips that can help protect computers and information stored therein from unauthorized access. Below we highlight some of the straightforward simple strategies that will help protect companies, organizations, institutions from cybersecurity threats.
Install a good Network Firewall System
A firewall system is basically a shield that protects the corporate network including computers and other network resources from external attacks. So, the firewall system will monitor all traffic coming from outside and only allows clean traffic. Any suspicious traffic is dropped.
By blocking unauthorized access to the corporate network, you protect the computers, smartphones, and servers from malware and Trojan attacks. Even though most routers come with own inbuilt basic firewall system, it is highly advisable to get a firewall system with advanced network monitoring and scanning capability. By way of example, Sophos firewall is an excellent corporate network security firewalls.
Initially, firewall systems were mainly physical appliances with built-in management software. However, today we have cloud-based firewall systems that can be deployed and managed from any location. In as much as they are deployed only as a software application, they have superior capacity to block computer viruses, Trojan attacks, email spams, SQL injection attacks to mention.
Install genuine Endpoint Security software
All desktop computers, laptops, and smartphones must have either antivirus software or internet security software installed. Even though some operating systems come with a free version of the antivirus software, it is advisable to install the commercial version. The commercial applications not only come with superior security features but are also enriched better functionality.
In all, Bitdefender total security software will protect computers and other endpoint devices against viruses, malware, and spyware and phishing apps. Also, endpoint security software and antivirus, in particular, will help in scanning removable storage devices such as flash disks and external hard disks. In certain instances, the antivirus software will help block ads and unwanted website suggestions.
Update firmware for Active Network devices
Active network devices such as routers and wireless access points and network switches play a critical role in any corporate network. Internet traffic from within and without the local area network is coordinated by these devices. Essentially, they are the easy target and can easily serve as the single most open point of network security failure. Therefore, ensure that active network devices are running on the latest firmware.
Firmware updates can be downloaded from the vendor’s website. However, it is important to consult the telephony solution installer for guidance on how to go about it. For example, should you require the most recent firmware version for the Yeastar S20 PBX phone system, then contact the telecom service provider who will guide appropriately. The same is true with the Dlink or TPlink switches routers and access points.
Regularly change User Account passwords
Updating user account passwords on a regular basis has proved to be an effective method for protection against cybersecurity threats and information security. Users should also be made aware of the dangers of sharing passwords with colleagues. Also, the passwords used should be unique yet incorporating, both lowercase and uppercase letters and special characters.
It is recommended that passwords should be changed every 3 to 6 months. Actually, make it a policy that every staff is reminded to change their passwords every 3 months. This will drastically reduce hacking incidences. Most hackers will most likely use keystroke loggers to steal personal passwords. You can beat them by updating passwords regularly and also by using the on-screen keyboard when typing in passwords.
Apart from updating the passwords, users should avoid saving passwords whether in written form or o the web browsers. This is because any computer user can easily steal password information when saved in whichever form. So, the most effective method for keeping passwords would be to just memorize them.
Purge Redundant User accounts
By the same token, remember to purge all redundant user accounts. These are mainly passwords and user account access credentials which are no longer in use. Thus, all user accounts and passwords belonging to employees who have left the company should be purged without fail. This is because hackers might use such credentials to compromise company systems and security infrastructure.
Check and install the latest security updates on computer operating system
Most operating systems have an inbuilt capacity to search for the most recent software security updates. This is particularly true if running a genuinely acquired and licensed software. That being the case, vendor software will offer facilities to protect your computer from cyber-attacks and other threats.
These facilities come in the form of regular updates. Regularly installing software security patches is a sure way of sealing in any invisible security gap. So instead of disabling updates, it is actually beneficial to accept software security updates from the vendor.
For instance, the Microsoft operating system will give notifications about the latest update. Accept and install. In fact, always ensure the windows firewall is always on even if the computer is running another third-party antivirus software.
Install Genuine Application software
Remember to install only genuine and licensed software e.g. payroll software. This applies to the operating systems as well as application software. A genuine software is a software application released by a trusted vendor and protected from copyright infringement. Moreover, genuine software lowers the chances of your computer ever crushing by up to 90%.
Unlike the genuine software, research increasingly showed that using pirated software exposes computer users to identity theft risks. In fact, there is a possibility the pirated might come with password sniffing applications which might compromise online transaction activities. Be that as it may, it is beneficial to spend a little higher on software acquisition than acquire a software yet expose your personal files and documents to hackers.
When all is said and done, remember to consult the IT security experts. Contact us today by filling in the below form for a customized Cyber security threat management proposal.
Main advantages for passwordless authentication
Better user experience
Be that as it may, most users actually hate having to remember a password whenever about to log in to a system. Biometric authentication comes to solve the inconveniences caused by the need to save passwords for future use. With biometric authentication users will no longer be required to memorize login credentials for various systems.
Maintenance of password
Ideally, all systems require that passwords be updated every so often. That is, every 3 months a system user will be required to update the access credentials. This requirement can be time consuming and can also impact negatively on performance. However, when passwords get eliminated, there will be no need for frequent password updates. Because the biometric credentials captured will forever remain unique to each system user.
Password protected systems tend to be vulnerable to hacking attacks. Unlike password protected systems, systems with biometric authentication tend to have stronger security. No need to save passwords on browser applications for automatic future logins.
Perfect for social engineering
System users and colleagues at work tend to share passwords due to various reasons. Password reuse can be a major security loophole even for very stable systems. Thus, password less authentication now remains one of the most reliable methods for tacking social engineering. Also, with biometric authentication, the team in charge of security can gain control and the much needed visibility into the system. Therefore, password less authentication is a very important access management tool.
Are you a victim of cyber-attack in Kenya? Is your company a past victim of ransonmware or persistent malware attacks? Contact us today for an effective cybersecurity strategy that not only protects you from losses but also saves you money and time.
Contact us now.