Security breaches can be disastrous for a business. Stolen data can result in financial liability and loss of customer confidence. Ransomware and other sabotage will lead to downtime and even permanent data loss. To avoid such outcomes, you need a comprehensive security strategy.
Only authorized people should have access to internal software and sensitive data. All accounts need to have strong passwords. Two-factor authentication gives greater protection, so that a stolen or guessed password isn’t enough to get in. Employees should have only the amount of access they need.
Employee accounts shouldn’t be accessible over the public Internet. Telecommuting is an excellent benefit, but employees should have access only through a VPN or equivalent security.
Every computer on the network should have anti-malware software, and it needs to be regularly updated. New threats appear on the Internet every day, and any that get through to your computer can do serious damage if they aren’t caught quickly.
Spam filtering is equally necessary. If someone opens a malicious email attachment, it can mean serious trouble. If phishing mail doesn’t reach the victim’s inbox, it can’t do any harm.
Data that leaves the premises should be encrypted, and so should any sensitive on-premises data. If confidential information such as financial data needs to be stored, it should be in a hashed or encrypted form. Laptops and phones that hold proprietary information should use whole-device encryption.
Defense in depth is what this is about. Attackers shouldn’t have access to the data in the first place, but if they get it, it should be in a form they can’t do anything with.
People can delete data by mistake, or malware can destroy it. To keep it safe, you need an up-to-date offsite backup. If your only backup is on the premises and connected to the computer, it can be wiped out along with the original. The more frequent the backups are, the lower the risk. The backup needs to be encrypted both in transit and where it’s stored.
We are an IT company who provides managed IT support services that will keep your systems safe and smoothly running. Contact Fission to learn what we can do for you.