October is Cyber Security Awareness Month. As part of the theme for 2021, we encourage you to your part and be Cyber Smart. At CyberGuru we discuss cyber security every day, and there is always more to learn and discover, and to implement for our clients. Here we share seven tips to protect your organisation from cybercrime and online threats.
- Ensure you have multi-factor authentication configured
The use of multi-factor authentication (by using a password and a secondary method, such as a randomly generated number or token) will significantly reduce the likelihood of a password-based attack. It is becoming an essential requirement when connecting to internet-based services such as such as Microsoft 365 and Google Workspace as well as your website. We also recommend multi-factor authentication be configured for other websites and applications that contain sensitive information such banking, accounting and other productivity software specific to your business.
- Update using latest patches and updates regularly
Whether it is your hardware, operating systems and software, manufacturers and developer provide regular updates to ensure it is secure and reliable. For example, Microsoft issues updates at least fortnightly for Windows and Office. Along with Adobe Reader, Google Chrome, Mozilla Firefox and other applications, there is an ongoing cycle of updates that are available for you to download. Don’t forget the other software such as WordPress, to ensure your website also remains protected.
- Conduct regular backups of your data and settings
We strongly stress of the need for regular backups of your organisation’s critical data on a regular basis. This should include configuration settings of your various hardware and software where possible. The backups should be also stored in more than one location. In addition, testing should be undertaken to ensure you can review and restore from such backups when required. Don’t also forget the need that cloud also needs to be backed up.
- Use reputable internet security or endpoint security software
Whilst it is claimed various devices and applications don’t require antivirus software, in the times we live and work, all devices may be compromised if not properly secured. Reputable internet security or endpoint security software provides defence against malicious activity, especially in the likes of viruses, malware and spyware which are still commonplace today. Using a reputable internet security or endpoint security software can protect against both the known and unknown threats.
- Provide staff with suitable education and training to ensure awareness of cyber threats
Your staff and management should be provided with ongoing training to be aware of cyber threats, including knowledge of email and phone scams, phishing and business email compromise. We also recommend putting in policies in place to report cyber threats, security issues or vulnerabilities identified during work. We also suggest restricting administrator access to authorised staff and to only have what they need for their role.
- Invest in a cyber insurance policy
These days, the reported number of incidents involving cyber threats is increasing, as is the financial and reputational lost to the business. Consider speaking to your insurer to look at having a cyber insurance policy, alongside your existing insurances to protect your organisation and assets Some policies provide which includes incident response cover to help remediate should cyber threat eventuate.
- Work with a managed service provider to assist you with the above
Nowadays, likened to accounting and marketing specialists, having a trusted ICT service partner to work with you to help work with you to support, manage and maintain your organisation’s technology. ICT service partners who work with technology daily are keeping abreast of the latest developments and can ensure your organisation is responding appropriately with technology and keep your organisation protected from cybercrime and online threats.
Here at CyberGuru, we are the trusted ICT service partner to many organisations across Brisbane and Australia, enabling and educating our clients to make the most out of their technology, ensuring it is reliable and stable, and keeping them secure and safe. We have been doing it for longer than the term “cyber” existed as cybersecurity! If we can assist in any way, please feel free to contact us.