8 Best Practices for Avoiding Cyber Security Attacks

Feel like you’re jumping into the middle? This is the last post in a four-part series. Check out the first post in this series on Cyber Security

While attackers do typically look to exploits weaknesses in cyber defenses, Coalition, a cyber security insurance company, stated 60% of claims from 2019 to 2020 resulted from human error. Likely many of those could have been avoided through education and understanding of cyber security protocols.

Here are some of the ways Metis IT can aid you in implementing a cyber security-focused infrastructure to better protect your business and your customers from potential cybercrimes or breaches.

1. Increase Email Security

Email has become common in our daily lives, both personally and professionally. But unfortunately, email is not a secure form of communication. In more than half of claims, email is the point of entry for attacks that resulted in data or financial losses. To increase security, consider an Email Hosting Provider (a platform that manages your email traffic) experienced in cyber defense and initiating a Mail Proxy, which works with an email service provider to filter out malicious emails.

 

2. Implement Multi-Factor Authentication

Did you know that four out of five email intrusions happen because of weak or stolen passwords¹? Using Multi-Factor Authentication increases security to your email, network or other business-critical systems. Some MFAs use text messages, and others use emails or phone calls to verify the identity of the person logging in. It’s likely people will be familiar with Google’s Two-Factor Authentication (2FA).

 

3. Maintain Good Data Back-ups and Regularly Update Software

Frequently backing up your data and updating software could make or break you in the case of a ransomware attack. If your critical systems become encrypted, recent full back-ups and current software could mean you are up and running with a full recovery rather than dealing with a complete loss.

 

4. Secure Remote Access

The global pandemic shifted the landscape from office-based to work-from-home, bringing about a whole new set of additional risks as company’s gave employees remote access. To increase the security of remote access, consider implementing an access management or authentication proxy, encryption, requiring stronger passwords, and limiting access or authorization to critical business data.

5. Use a Password Manager

Since it recommended to use varied passwords with a mix of numbers, letters and symbols, using a password manager increases the likelihood that employees will follow through with this practice. The password manager works like a vault, storing all the unique application and platform passwords encrypted behind one singular master password.

 

6. Scan for Malicious Software Often

Imagine for a moment how many people have to access your networks or send and receive emails within your business. Each one of those touches provides an opportunity for an attack. Having antivirus software in place and regularly scanning for viruses, worms and other malware lessens the probability of something getting into your network. Plus, Endpoint Detection and Response, EDR, is an enhanced version of antivirus software that can identify, detect and prevent threats to your cybersecurity.

 

7. Encrypt Data

By encoding your data, you essentially hide it from anyone who gains access to it through malicious intents. Encryption helps you protect private information and adds to the security of communications between client applications and servers as well as external communications.

 

8. Raise Awareness of Cyber Security

Seems like a no-brainer, but this is sometimes the overlooked link in the armor. Since cybercriminals are going to target anyone from rank-and-file workers to C-Suite level, small businesses to large corporate organizations, making everyone aware of cybersecurity protocols – and ensuring they are implementing them – is crucial to being vigilant and avoid them becoming victims of an attack that affects the whole company.

Bonus:

9. Purchase Cyber Security Insurance

Even if you do follow all the best practices, cybercrimes can still occur. In the case of a successful breach, wouldn’t you rather know that you are covered? Cyber Security Insurance coverage, such as those protections offered by our partners at Brown & Brown <http://www.bbrown.com/> may mitigate the damage and/or losses resulting from the malicious attack.

Sources : 2021 Coalition Cybersecurity Guide, CyberSecurityGuide.org/resources/cybersecurity-101

This post was co-authored with Brown & Brown