Protecting Your Businesses Digital Property
The best visual analogy for the digital walls of defence that are needed for businesses today is that of a mediaeval castle. Imagine that your business is at the centre and your varying levels of security defence being the Moat, Outer and Inner defence measures. The more levels of defence, the more difficult it is to get through to the centre (your valuable businesses data).
Firstly, your business will need to identify its most valuable property that is held within the digital realm. This form of information could be the identity (i.e. social security number, Postal Address, Email Address) of yourself and anyone that you employ and the data that you use remotely through devices that could be stored via cloud services.
Once highlighted, these forms of data need to be mixed into your cyber protection plan. You will need to ensure that these assets are defended at all costs because after all, cyber criminals are mainly after personal details and valuable data.
Where to start?
Each level of defence is going to need an individual means of defence. The levels of defence should be protecting data in value order. The first level should be defending data that your business sends and receives digitally, this is used by criminals to send misleading emails under false pretence that seem genuine and result in the victim giving away their details directly (i.e. asking for payment of an ‘outstanding’ invoice).
This best forms of defence for this initial level are Firewalls, Anti-Malware / Virus / Spyware software.
Keep your head in the Cloud
Don’t worry, you can still use cloud services as you usually would. But do not use them as an ‘excuse’ not to vet the service provider and the security measures they take with your data, or indeed back it up! You are most probably going to want to enabled additional security services, such as 2 Factor Authentication for Office 365 to protect the data that you have stored there.
For data residing on your internal systems you must be using support systems and automatic patching, as well as ensuring users have the correct privileges to only access the data they need. Ensuring you meeting the Cyber Essentials standard is a great method of ensuring you
The Final line of defence
Backup is there when all else fails, and should have a copy automatically stored off-site. Remember that data that can get encrypted by cyber criminals? Well some of that data could be your backup, and if you only have a single copy, held onsite, well you’ve just lost all that data.
By meeting the government backed Cyber Essentials accreditation you are taking a practical first step in taking cyber security seriously, one that stops 80% of all common cyber-attacks.
Southern IT Networks are certified to be able to assess against the Cyber Essentials and Cyber Essentials Plus standards, if you want to learn more call 01323 287828.