What’s the biggest threat to cyber security in your business?

In 2020, it’s probably malware.

This has always been a threat to users of any kind but as hackers have become more aware of the potential leverage they have, businesses are at a greater risk.

With more people working from home in 2020 this has only increased.

Home workers offer a potentially easier route into a business network, due to the use of home equipment and less stringent protocols.

Whether working from home or in the office, it’s important that you take the threat of malware seriously.

WHAT IS MALWARE?

As the name suggests, malware is any software, created with malicious intent.

Malware doesn’t need to be complex, but it can do a lot of damage. It’s also not just one type of software but an umbrella term for anything which has been created with the purpose of causing havoc to your systems, stealing your data or robbing your money.

Here’s a few different kinds of malware. You’ve probably heard of some of them before.

VIRUS

• The common computer virus is a form of malware which is designed to corrupt and delete your files and data.

WORMS

• Worms enter a network and infect multiple connected devices.

TROJAN HORSES

• Although initially unsuspecting, once on your device, these open up a back door to your network, potentially for other malware to follow.

RANSOMWARE

• An increasingly common form of malware which once on the system, encrypts your data and holds it at ransom, threatening to destroy it.
• The only way to unlock it in most cases is to pay the ransom to hackers.

SPYWARE

• Tracks your passwords and activity, potentially farming large amounts of data, without your knowledge.

HOW DO I PROTECT AGAINST THIS?

All of the above sound pretty nasty and definitely something any business will be keen to avoid.

The potential financial repercussions are disastrous and the time and energy lost recovering from an attack is reason enough to take the threat seriously.

Fortunately, there are a number of things you can do to protect against it.

We’ve talked about some of these things before in previous blogs, so we’ll link to those for further information.

ROUTINELY PATCH YOUR SYSTEM

When we talk about patching, we’re essentially talking about updates.

Unsurprisingly, it’s called this because you’re patching up flaws in your system and programs.

The whole system, from individual devices to the operating system your network runs on, will have a mixture of flaws and bugs in the programming.

Developers will regularly release fixes for these but it’s essential that you actually add these updates and that your employees all get the same one. A lot of malware is built to exploit known faults and vulnerabilities, so patching asap is a must.

Keeping on top of patching can be time consuming for some businesses and you may not always know what needs to be done.

Fortunately, there is such a thing as Remote Patch Management. This means an IT manager takes care of it remotely. We talked about that here.

PRIORITISE ENDPOINT SECURITY

An endpoint is any end user device. Typically, that’s any computer on the network.

Now, more than ever, this is cyber security’s frontline, particularly as there are many people working from home.

This needs to be prioritised over and above any other aspect of your cyber security protocol as it’s where threats are most likely to come in.

Precautions you can take include putting in systems and protocols to ensure you don’t have to micromanage individual devices.

One such protocol that is simple and effective is the use of multi-factor authentication. We wrote a blog about this too!

HAVE A DEDICATED FIREWALL

Another important thing to have is a dedicated firewall. This should hopefully come as no surprise.

Having firewalls for each device (endpoint) is obviously important, but most devices will have one of these as default so this is perhaps less of a concern.

What we’re really talking about is a network wide firewall. This operates from the server at the heart of your business and should cover the whole network.

With a decent firewall in place anything coming into the network is filtered for malicious code, ensuring that nothing gets past it. Our recommended firewall is SonicWall. It will cover all your bases. More information about that here.

DIVERSIFY YOUR BACK UP SOLUTION

We imagine you’ve heard plenty about backing up your data and having a storage solution.

But what does it really look like to have an effective backup solution? Is one hard drive or cloud drive enough?

Well, no, is the answer. The best thing you can do is diversify your back ups and spread your data across multiple sources. This can be a mixture of different onsite and offsite servers.

This is less a preventative measure and more about being ready and prepared for disaster. If your network is breached or data is encrypted, you will have another option to go to, which will get you up and running in no time.

TAKE CARE AND YOU SHOULD BE OK

It may seem obvious but the best thing you can do is simply remain vigilant.

Take care when opening emails, use different passwords, don’t share sensitive information over an unsecure network etc.

It’s important that all your employees are reminded of this and that they follow a companywide mandate on cyber security. That way you should be safe.

Hopefully this advice has been helpful and you’ve been reminded about something you may not have done otherwise.

For more information about cybersecurity as well as the cyber products we recommend for keeping your business safe and secure, drop us a message.