Cyber Security is a top concern to all successful businesses.
Particularly if you’re taking online payments and handling customer data, your IT needs to be secure. If you don’t ensure the security of these systems, you could find yourself in breach of compliance regulations.
A cyber security incident could have a devastating impact, potentially impacting:
Becoming cyber secure means establishing and following security policies that cover all areas of IT in business, including necessary behaviours and processes followed by employees.
Become cyber secure
We’re running a London based breakfast event in April 2017. Come along and learn about the top cyber security threats facing London businesses today.
Is your network perimeter managed and protected using recommended hardware and software security solutions to filter out unauthorised access and malicious content? Is this monitored and tested on an ongoing basis?
Manage user privileges
Privileged accounts with access to more sensitive information and higher levels of controls should be limited and carefully monitored.
Are all systems protected by malware to prevent download of infected files or installation of suspicious software? Thousands of new threats emerge daily. Is there a policy in place to ensure malware protection is always completely up to date and not bypassed by users?
Are all IT systems and networks monitored to catch suspicious activity that could indicate an attack?
Are security patches and updates being proactively installed on servers and desktops to prevent unauthorised access to systems via ‘backdoor vulnerabilities’ in operating systems and applications?
Home and mobile working
Home and mobile working can be a security risk if best practices are not followed. For example, using a shared device can result in data leakage outside the organisation, and using public wifi can leave users vulnerable to “man in the middle” attacks, where a cyber-criminal snoops on an unsecured connection.
User education and awareness
Is ongoing user education happening to ensure users stay vigilant against cyber-attack? Most successful attacks use social engineering methods to take advantage of people, rather than breaking through systems or exploiting technological vulnerabilities.
Are users aware of appropriate action to take in case of cyber-attack or IT disaster scenarios? Is there a documented and tested disaster recovery or business continuity plan in place?
Removable media controls
Did you know that plugging in a USB drive, or even a USB mouse, can deploy malware to your computer or networks – potentially allowing a cyber-criminal access to your data or networks?
Draw up a security policy
All IT use should be governed by an IT security policy – outlining the required processes and allowed behaviours for all users within the scope of the document. Following the security policy will ensure that IT disaster, cyber-attack or security breach is not down to negligence on the part of internal staff.