“One single vulnerability is all an attacker needs.” — Window Snyder; Chief Security Officer, Fastly.
Keeping networks and your business information secure is a full-time job. In today’s climate, it is no longer “if” you fall victim, it is more a matter of when. In a report from AT&T, it was found that 80% of businesses acknowledge they experienced some sort of cyber attack. We take this issue seriously and we are always looking for ways to improve our business partner’s cybersecurity.
Cyber Security is not a one-size fix all. It’s also not a leave it and forget process. Attacks are continually evolving and how we react and prevent these attacks needs to evolve as well. With this mindset, we spent the first part of 2020 evaluating how we are securing our client’s networks and preventing cyber attacks.
We started by evaluating our remote monitoring software. We chose a service that gave us the flexibility to manage all our client’s workstations and servers. We ensured that we had updated maintenance plans in place and configured this system to push updates to our clients regularly. Keeping software updated is constant and all operating systems and software push updates regularly. Often users think these updates are for new features and just an inconvenience. However, they frequently have security patches. Security flaws are uncovered all the time, some make news headlines with how big of an issue they are, some are silently patched and the user is none the wiser. Regardless of the patch, it is our priority to always ensure everything is updated regularly and consistently to prevent vulnerabilities.
Software vulnerabilities are not the only way your network can be compromised, internet browsing opens the door to a whole group of other ways to put yourself at risk. We have worked to mitigate this risk by installing software that allows us to monitor browsing and prevent access to questionable sites. With our DNS protection software, we can block any sites that are not work appropriate. Our filter worked overtime during the COVID-19 outbreak. It was constantly blocking tracking sites that had some form of malware on them. It becomes critical that users stay on sites that are needed for business purposes only. Any private browsing opens the door to unneeded risk and we try to limit it the best we can.
Preventing access to questionable sites can only go so far. We find that users still download and open things that put the network at risk. For those situations, we re-evaluated our anti-virus solution. The one we were using was good and came highly recommended. However, we did some of our own tests on multiple anti-viruses, only one blocked and identified everything we threw at it. It only made sense to update all our business partners to this more robust and encompassing tool. We get daily reports on intrusions found and the action taken. We know it is working and can share those reports if our clients want. They can rest assured that it is working hard for them in the background and we are constantly monitoring.
We have tried to account for all variables and prevent the vulnerabilities as much as we can. Realistically we know that something is bound to get through or there is a new threat no one has uncovered yet. With that realization, we implemented a new option for our business partner’s networks. It runs silently in the background and looks for anything out of the ordinary, files changing, services replicating, any behavior that usually indicates an infection. If anything seems off, we are notified and they work to investigate and uncover the cause.
At this time we have ensured that all the computers we manage are continually updated to prevent known vulnerabilities. Internet traffic is blocked to prevent an accidental download of malicious content. Workstations are scanned continually for any problems and they are rectified. Cybersecurity is a big issue and any problems can cripple a business depending on when it is identified. We will continue to discuss the ways we manage our client’s networks to mitigate the risk as much as we can.
If you would like to know more about the risks to your business and how big a threat Ransomware is, please sign up below and we will send you a free report from one of our business partners on the subject.