Here's The Formula To Properly Protect Your Technology, Your Data, and Your People
This page will be updated as we release Episodes 31 - 34 for Cybersecurity Awareness Month
Protect Your Technology - Episode 31
Internet FailoverNot only will this help keep you up and running, it will prevent employees from using their own personal hotspots which would effectively bypass your organization's firewall/UTM.
Endpoint Detection and Response (EDR)Also known as anti-virus, this is one of the original tools to fight cyber crime. But like everything in cyber security, this technology has evolved greatly over time. Make sure you have the right tool protecting your business. Here's a good point of reference: Gartner Endpoint Protection review
MDR for Cloud ServicesMDR stands for Managed Detection and Response. While EDR takes care of computers (Endpoints), here we are specifically referring to cloud services like Microsoft 365. A very large percentage of attacks involve cloud services. This often-overlooked security measure is a critical component of overall protection.
Firewall/UTMA Firewall is like a bouncer at a high profile night club. It controls what data can and cannot get in to the party (your network). UTM, which stands for Unified Threat Management, is like a firewall with extra features. Sometimes these terms are interchanged. Either way, you need a good one. Consumer grade (something you can buy at a retail store) won't cut it.
DNS FilterDNS filtering protects mobile devices from harmful content when a user is outside of the corporate network. Think of it as a firewall/UTM that travels with you. This is especially important in work-from-home environments.
Security PatchesAll software (Microsoft Windows, Microsoft Office, Adobe, QuickBooks, etc.) needs to be updated on a regular basis. As bad guys find security flaws, software engineers fix those flaws (patches). But if you don't keep your software up to date, it leaves you wide open for malicious attacks.
Asset ManagementIn order to properly protect your technology, you need to know what technology you have and where it lives. While this sounds simple enough, Bring Your Own Device (BYOD) and Shadow IT can really complicate things. Make sure you have good policies and procedures around what your team can and cannot use to conduct business. We'll talk more about policies and procedures in Episode 33, "Protect Your People".
EncryptionEncryption prevents an unauthorized agent from accessing key information. Mobile devices are of primary concern, but it's a good idea to encrypt everything. The key (pun intended) is to keep track of your encryption keys. If you encrypt a device and lose the key, you've basically created your own ransomware attack!
Complex PasswordsIn Episode 13 we talk in depth about passwords and password managers. Here's the overview: use complex passwords everywhere, and do not reuse them. One place this is often overlooked is on devices like printers, consumer grade firewalls and access points, and IoT devices.