Cyber Security Tips

How do I secure my business or personal computers/network?

  1. Change all default logons and passwords. When you buy a device it often comes with a default admin logon and password.
  2. Ensure your home network router is password protected.
  3. Consider configuring your home router/hub to restrict devices to known devices via MAC Access Controls.
  4. Add a Guest network to your home network with restricted access.
  5. Always use a VPN on your laptop, phone or mobile device when using a public network like at Coffee shops, airports etc.
  6. Turn off unnecessary protocols and configurations like file sharing.

Top 5 Cyber Security Threats and how to protect against them:

  1. Ransomware
  2. Phishing
  3. Data Leakage (loss or control of mobile devices)
  4. Hacking
  5. Insiders

 

How to protect against these threats:

  1. Awareness: The best defense against threats is awareness. Be vigilant and suspicious of all emails, websites, phone calls and links. Do NOT respond or click on any emails, links or sites that your are not 100% sure are safe. If in doubt, DON’T.
  2. Software Updates: Ensure that you are using a current supported version of software and that you update it regularly. Apply security updates as soon as possible when released.
  3. Anti-Virus Software: Install and keep updated a good Anti-Virus and Malware protection program on all devices.
  4. Backup your Data: Perform DAILY backups of important data to a stand alone device. Test backups regularly. Maintain multiple backups for best protection.
  5. Multi-Factor Authentication: Use multi-factor authentication if available to protect against hacked passwords.
  6. Spam Filters: Activate Spam filters on email to reduce phishing emails.
  7. Lock & Encrypt: Ensure all mobile devices (phones, tablets, laptops) are passcode protected and encrypted.
  8. Remote Wipe: Consider GPS tracking/Remote Wipe capabilities on Mobile Devices.
  9. Secure: Physically secure Mobile devices at all times.

Additional Controls for Businesses:

  1. Implement Firewalls to define and restrict access to sensitive and important data.
  2. Implement Access Controls to restrict access on a ‘need to know’ basis to systems and data.
  3. Segregate sensitive data and implement DMZ’s as required.
  4. Consider restricting the use of USB ports on devices to reduce the risk of copying sensitive data.
  5. Implement a Data Loss Protection (DLP) program to further restrict actions on sensitive data.
  6. Businesses using Point of Sale (POS) terminals to accept Payments should physically secure the devices, inspect them daily for tampering and never leave them unattended with a customer.
  7. Don’t forget physical access restrictions and controls to sensitive areas especially computer rooms and telco closets. Only Authorized employees who need access should have it. All visitors should be escorted at all times, including maintenance and repair vendors. Do NOT permit anyone in who purports to be a maintenance vendor without proper authorization.

For more information or to book your own Cyber Security Review contact us here.