How can a small/medium sized business protect against ransomware and Cyber-attacks? I believe that’s by reducing your exposure through limiting your IT ‘surface area’. Small adjustments to your IT infrastructure can make your systems significantly more secure. No system is completely safe though, so plan for the worst and hope for the best!
A few years ago, malware was usually just an inconvenience, but it now has the ability to cause serious data loss and major business down time
A brief outline of some security considerations:
1. Have a formal business process in place should you receive any communications from a supplier asking you to change bank account details for making payments so that the request can be verified as legitimate
2. Ensure you have a good quality monitored backup solution in place which covers all business data you wouldn’t want to lose
3. Have a disaster recovery plan that has been tested and updated every 6 to 12 months, think business continuity. Ensure responsibilities are clear and that all aspects of your IT/Comms environment are covered
4. Have a documented process in place so that when staff leave the business all their various accounts are disabled/deleted immediately
5. Ask your employees to take extra care, and only use their computers for business usage. Create an internal IT policy which clearly defines acceptable use. Update this document as technology changes
6. Staff opening suspect emails is still a prime route into your PCs. Train staff and consider using a free third-party service like https://www.knowbe4.com/phishing-security-test-offer to see how prone they are to phishing emails
7. Ensure your IT systems are updated often with the latest security patches and firmware
8. Spread your IT risk, use a mixture of cloud services and onsite IT solutions
9. Change over to a firewall with integrated security services, have your existing firewall policies reviewed. Don’t use a normal ISP supplied router which has next to no protection
10. Retire old vulnerable software and hardware from your business
11. Ensure your staff are aware of the risk of inserting an unknown USB drive
12. Implement Mobile Management policy for your company laptops, tablets and mobile devices
13. Upgrade to latest wireless security protocols, get rid of WEP protocols, ensure you separate your wifi networks so that any guest’s devices are completely isolated on a separate network
14. Look at 2 Factor authentication (2FA) for protecting access to critical parts of your IT systems
15. Add additional layers of security to email, even if it already comes with security built in. Standard filtering is often not good enough
16. Change your passwords every couple of months, ensure you use complex passwords and don’t recycle passwords or share them!
17. Would your business benefit from DDoS protection for critical internet connections or websites?
18. Is your data 100% safe in the cloud, think about backing up your cloud services such as Office 365, Dropbox, Google etc
19. Allow only authorised devices on your network using network access controls solutions where appropriate
20. Think about Encryption for laptops, tablets and removable storage devices, consider a Data Loss Protection solution
21. Run Security audits or independent Vulnerability Scans against your computer systems
22. Ensure you have a relationship with a professional IT Services Auckland company that can improve your IT security and help if the unfortunate happens
23. Desktops and Laptops should be protected by anti-malware not just antivirus
24. Did I mention backups?
More International internet bandwidth coming to NZ! The construction of the $500 million fibre cable between NZ, Australia and USA is 50% done, and should be completed by June. The ship Responder docked in Auckland last week prior to laying the NZ segment of the cable which will land near Mangawhai Heads. Total capacity of the fibre link will be 43 Terabits, which is nearly 10 times the current bandwidth used by Australia and NZ! The cable will compete with the existing Southern Cross Cable which is part owned by Spark. Last year Microsoft and Facebook teamed up to connect Virginia Beach in the USA with Spain through over 4000 miles of cable, and Google has recently joined the undersea cable business and announced that it will circle the world three times over not to be left behind
What is Cryptocurrency and Mining?
Cryptocurrency is an encrypted data string that denotes a unit of currency.
Cryptocurrencies are created (and secured) through cryptographic algorithms that are maintained and confirmed in a process called mining, where a network of computers or specialized hardware process and validate the transactions.
As a result of the growing value and popularity of cyrptocurrencies, mining malware has become a growing issue with cybercriminals infecting thousands of machines and using them to mine currency without the user knowing.
Cryptocurrency-mining malware steal the resources of infected machines, significantly affecting their performance and increasing their wear and tear. An infection also involves other costs, like increased power consumption.
What can I do to avoid it?
It is important to have an up-to-date Anti-Virus and Anti-Malware solution for all computers and devices as a bare minimum. Other technologies such as Active Firewalls are also a great defence against unwanted attacks and unauthorised access.
Microsoft have recently launched Microsoft 365; a complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility & Security, that empowers everyone to be creative and work together, securely.
Microsoft 365 Business is built to deliver the productivity tools and security services businesses need in a single, simple-to-manage product. It safeguards company information, extending security across users, apps, and devices. It helps ensure PCs are up to date and secure, helping prevent security vulnerabilities that cyber-thieves often exploit. It also provides protection for company information across devices, with the ability to remove company data from lost or stolen devices.
Contact Us to learn more!
Microsoft recently announced the next perpetual release of Office – Office 2019.
This release, which is scheduled for mid-late 2018, will include perpetual versions of the Office apps (including Word, Excel, PowerPoint, and Outlook) and servers (including Exchange, SharePoint, and Skype for Business).
Office 2019 will add new user and IT capabilities for clients that aren’t yet ready for fully cloud-based solutions. New features will include better data analysis in Excel, inking features in for drawing and design, additional animations for PowerPoint and improved IT manageability, usability, voice, and security.
Office 2019 will be a valuable upgrade for customers who feel they need to keep some or all apps and servers on-premises.