Businesses of all sizes are trying to support their remote workers and weighing the challenges of bringing workers back to the office – all while maintaining connections with their clients and partners. The events of this year and last have created many cybersecurity issues and uncertainty for business owners.
However, at least one certainty remains - you need to protect your data, networks, and employees from cybersecurity threats. Businesses continue to spend time and energy pivoting to maintain a strong cyber posture, compliance and more.
October is Cybersecurity Awareness Month. As we begin the last quarter of the year, the team at Silverado wants to provide you with actionable items to improve your security now and what items you should be planning for next year to keep your company safe.
Actions to Take Now
Use All Currently Available Cybersecurity Features
The first step you should take is to make sure that you’ve activated all the available security features on the products you are currently using. Don’t miss out on the built-in security features of the products you’ve already invested in.
Verify that All Employees Are Using MFA
Multi-factor authentication is an important security step where users input two different pieces of information to verify their identity before accessing company data. You might already be using MFA on some of your programs, but are you using it everywhere that you should be?
Read why you shouldn’t wait to set up multi-factor authentication MFA.
Perform Company-Wide End User Cybersecurity Training
When a hacker sends out a phishing email, will all of your employees be able to tell that it’s suspicious? Phishing attacks can cost companies millions of dollars. It’s so important to do everything you can to make sure your employees won’t be fooled by increasingly savvy hackers.
Read how to budget for end user security training.
Safely Share Access to Files
As your company grows so does your data. Do you have a plan for organizing and controlling the access to that data? Without proper organization of your files and folders, it can open access to data that should be protected. Not all employees need – or should – have access to all your data. Developing a folder structure and granting access to only those that need it for each drive or folder can minimize your risk of data breaches. Silverado can help you develop a plan to grant user access to files based on their role and workflow needs.
Create Strong Passwords
Did you know that a hacker can crack an 8-character password made up of numbers only in less than an hour? Once a hacker cracks an employee password, your data is immediately at risk. Consider implementing a password manager application to generate strong passwords and provide a secure place for your employees to store passwords.
Verify that Your Backups Are Secure
Backups are extremely important in case your company does become vulnerable to a cyberattack or a system failure. It is critical that your data is backed up in two different places: locally and offsite. As an IT services client of Silverado, we review your backups daily to ensure they are running successfully.
Actions to Take Later
Although these actions might not be in your current budget, it is important you begin to plan on when you can implement them. As you start to plan for your 2021 budget and goals, take these steps to complete your cybersecurity plan.
Perform User Application Audits
Do you know if all the applications your staff downloads are secure? You can find out through user application audits. Cloud Discovery, an Office 365 feature, will search through firewall logs, look for shadow IT (third-party apps that the company doesn’t know are in use) and provide a report about known vulnerabilities and recommendations. Silverado can help you analyze these reports and provide suggestions to secure these applications.
Set Up Single Sign-On
Single sign-on (SSO) enables users to securely sign into multiple applications and websites by logging in once with one set of credentials. With SSO, the application or website that the user is trying to access relies on a trusted third party to verify that users are who they say they are. Not only does SSO improve your security, it simplifies the login experience for your users.
Encrypt Your Data and Devices
One of the easiest ways to secure your company’s data is to make sure your shared documents are encrypted. Encryption ensures that all data stored on both personal and company-owned devices is protected should they be stolen or hacked.
Adopt a Zero-Trust Approach
A “zero-trust approach” means you assume that there are attackers both within and outside of your network, so no workers or devices should be automatically trusted. This added layer of security has been shown to prevent data breaches and loss of proprietary information. Another aspect of zero-trust security is limiting access to information on a need-to-know basis and giving users the least amount of access necessary to do their jobs effectively.
Use Cybersecurity Monitoring Tools
Did you know that on average, a hacker or malware can be on your network or hide in applications for up to 180 days before they attack or are detected? Monitoring tools can help keep an eye on your company’s digital environments. Silverado can work with you to choose, set up and run the monitoring tools that make sense for your business.
How Silverado Can Help With Cybersecurity
Choosing the right IT security partner with can help both your short-term and long-term cyber game plans. If you’re ready to take action now, contact us for an Initial Security Assessment and begin the process of securing your company’s digital presence.
If you want to learn more about developing a strong Cyber Game Plan, watch our Cy-Beer Security Webinar to learn more tips and details.
Don’t just take our word for it! Cybersecurity expert Joseph Steinberg, author of CyberSecurity for Dummies, will be joining our webinar sharing more about #CyberSecurity and how to #BeCyberSmart. Joseph Steinberg is a recognized thought leader in the cybersecurity field and a respected authority on artificial intelligence and other emerging technologies.
