After an incident (or, hopefully, you’re reading this before you’ve had an incident), it is important to take the right steps to secure your organization against future threats. These items are only part of a diligent network security protocol. Contact Secure Network Technologies to schedule a free consultation; we’d love to learn more about your organization and make recommendations for next steps.
1. Password Policies & Management
Require regular password changes for all systems, websites and software at scheduled intervals for all members of your organization. Don’t allow anyone to use the “minimum” number of characters – the longer and more random the password, the harder it’ll be to crack. It is preferable to use unrelated words combined with random numbers and letters, and to set different passwords for each and every website, system and program where applicable. We recommend a password manager like LastPass to help your personnel manage lots of long, complicated passwords without hassle – while retaining maximum password security.
2. Dual Authentication & I.T. Configuration
Dual authentication is a method of creating an additional layer of password security. It requires the user to use an authenticator app, a text code, a QR scan, a biometric reading, or a randomized passcode that is emailed to them. LastPass, mentioned above, helps add this layer of security to all passphrases. Additionally, your internal servers, applications, websites, datacenters, systems and more can benefit from the right security configurations, registry changes and permission settings to prevent malicious actors from leveraging unforeseen network security gaps.
3. Physical Security Due-Diligence
Physical security is just as important as digital security. Make sure every employee knows they are required to scan their individual IDs upon entering an access-controlled door. Restrict your team from opening the doors for people coming in behind them, and enact a policy of asking visitors detailed questions about their reasons for entering the office. Everyone must keep track of all ID cards and credentials.
4. Regular Pen-Testing (Penetration Testing)
Penetration testing is required if your organization is to remain vigilant and prepared to successfully thwart malicious incidents. A pen test once or twice a year can save your organization millions in potential data, financial and reputation losses that result from an attack. During a penetration test, Secure Network Technologies will attempt to skirt your organization’s defenses (on an isolated image of your systems and networks). We’ll then give a comprehensive report on where your vulnerabilities exist, and make recommendations for fixing all the gaps.
5. Training, Training, Training!
Training your entire team is an underestimated mitigation protocol. The longer it takes for an attack to be flagged by an employee or IT team member, the more damage it will likely cause. Training helps your organization remain vigilant and raise an issue much earlier in the timeline of an attack, and can help mitigate costly data, financial and reputation loss. Secure Network Technologies also offers team training so your employees can become hacker-exposing pros!
Set Your Business Up Right & Mitigate At Least 80% of Cybersecurity Threats
Setting up the right system security configurations, password protocols, software and hardware security tools and regular penetration testing will save your organization from crippling data, financial and reputation loss.
Avoiding cyber attacks begins before the incident. But when it can’t be avoided, we’re here to help! Sign up below to get the Emergency Response Handbook – it contains this information and more so you know how to protect your organization in the event of a cyber threat.