Since October is cyber security month, we thought we’d write a post for all those who were feeling gaps in their cyber security knowledge. COVID has made cybercrime skyrocket. This makes being clued up on the essentials all the more important.
This month Ratcliff IT are offering a FREE demo of our cyber security awareness training offering. So if your cyber security awareness is anything below par, skip to the bottom to book a demo.
If you’re rusty on your phishing awareness, reading our tips on spotting phishing and the attacks you should know about, will help to quickly plug some gaps. Otherwise, read on for a rundown of some of the most important cyber security boxes to tick.
This is perhaps the most important point of them all. What’s written above is mostly a question of implementing technology solutions and policies. But cyber security awareness training is about handing over the cyber security responsibility to the employee. So it needs a lot of attention. They need to know how to spot phishing scams. They need to know what precautions to take when working from home. And quite often, it’s a legal requirement.
But first, why is security awareness so important?
The practice of securing your networks, your software, and your data from criminals is, in many ways, the foundation your business is built upon. In a similar manner to driving a car, one small mistake or one bad participant can cause life-changing damage. And as with cars, it would be stupid not to have an insurance policy – not to mention criminal. Good cyber security awareness is the closest you can get to a fully comprehensive insurance policy. In our days of GDPR, cyber security awareness is impossible to ignore.
What essentials should I make sure my business has?
A regularly updated antivirus
This is so essential it almost goes without saying. Make sure your antivirus regularly checks for updates. If you’re a larger organisation it’ll be smart to frequently report antivirus updates to a centralised server that can manage and automate any updates required. Equally, regularly updating your operating systems is non-negotiable.
A strong WFH/BYOD policy
Due to COVID, more of the world is working from home than ever before. This means more accessing of company assets via employee-owned devices and WiFi with poor security. Phishing attacks and ransomware are ready to capitalise on this.
Measures such as security awareness training – which we’ll cover more later – making sure employees take precautions when using public WiFi (namely with VPNs), and strict requirements for employees using their own devices can help mitigate the risks.
Principle of least privilege
This is the simple practice of only giving the minimum amount of access to the minimum amount of people. Only let an intern access what an intern needs to access. Only let the managing director access what they need to access. The less access granted to an employee, the less a cybercriminal will have access to should they gain control of an employee’s system.
Application whitelisting
This is the process of outlining the applications that can be run on company computers. This is one of the simplest ways of protecting against malware.
Monitoring
Good monitoring can detect any suspicious activity and identify incidents before they become serious. A security manager should be able to notice threats happening in real-time and learn the ways criminals are targeting a business. Also, plenty of security tasks can be automated with a good RMM in place.
A suitable password policy
A good password is a complex password. These should be set by IT staff, be changed multiple times per year, and have a combination of, numbers, special characters, upper- and lower-case letters. Multi-factor authentication is also smart. Linking passwords with mobile devices and biometric data such as fingerprints or retina scans provide another layer of security.
Cyber security awareness training
Cyber security awareness training has multiple benefits. Plus, you can’t take cyber security seriously without training your employees in it. Because at the end of the day, no matter how many firewalls you install or policies you draw up, employees are a business’s first – and weakest – line of defence. But that can be strengthened with cyber security awareness training from Ratcliff IT. And right now, we’re offering a free demo.
Click here, to book your free cyber security essentials demo today, and take the most important step toward protecting your business from cybercrime.