As we approach the last few months of 2020, security continues to be a hot topic. How do you protect your end users in the office? What about those at home? How do you make sure your data is not compromised? How can you be confident that you are doing everything possible to keep your company secure? We are going to share four ways that you can protect your company – and feel confident that you are protected!
1. Anti-virus and email filtering
- The first step is having a system in place that blocks phishing attempts and cyber crimes before they reach your end users. Having a strong email filtering system will help keep those phishing emails out of inboxes and away from “happy clickers”. A strong anti-virus software will help block vulnerable websites and systems from compromising your users.
- Want to know what the professionals use? BECA currently uses Webroot for anti-virus and Barracuda for email filtering.!
2. End-User Training
- So what happens if a bad email makes it through to a user? Or maybe a compromised website was not blocked? It is important that your end users are routinely trained on ways to spot a bad email or suspicious link/website. Your end users are your human firewall. They need to be educated on the best practices for email and internet security. This is a big requirement for a lot of compliancy regulations as well.
- Want to know what the professionals use? BECA uses KnowBe4 as well as Barracuda’s PhishLine to test and train our end users. Each month, we run a campaign that sends fake phishing emails to every team member. We monitor if anyone fails the test by clicking, replying, or opening an attachment and then assign training based on who failed.
3. Aggressive Monitoring
- Aside from trying to prevent your users from clicking a bad link, downloading a bad file, or opening a bad attachment, it is very important to be monitoring all your systems 24/7 for any suspicious activity. And yes – this means every employee computer, phone, iPad, etc. as well as any other device connected to your network. Having a system in place that will alert you as soon as any suspicious activity or file is detected on a device is crucial for the final step: Quick Action.
- Want to know what the professionals use? BECA utilizes two tools for aggressive monitoring. The first is Thirdwall which allows us to create a full record of every user logon, logoff, unlock, lock and failed logon event. We also use a tool called Huntress. Huntress watches for un-authorized access to a system. It continuously monitors computers for any suspicious activity that matches the algorithm of a virus, and alerts us the second it notices suspicious activity that could lead to un-authorized access.
4. Quick Action
- It is so important that you or your IT team react at the first sign of any vulnerability or virus. Immediately get that computer off the network and disconnected before scanning everything. The longer it takes you to react, the higher the chances are of that virus getting into your network. It is crucial that you have a system in place that allows you to react quickly before it is needed!
- Want to know what the professionals use? Thirdwall was mentioned previously, but we also use this tool for quick action. It allows us to quickly ISOLATE or ANNIHILATE any machine. We also have several different notification systems in place that will alert our top-level engineers in the event of an attack.