Cyber Tips
Cyber crime is on the increase and the security of our IT systems is something that we should all take seriously, regardless of the size of our business or the level of our IT expertise.
Below we list some straightforward practices that everyone from a sole trader to a multinational corporation can put in place. When implemented together, they can protect a business from 80% of cyber threats.
KNOW WHAT YOU HAVE
You cannot protect what you don’t know about, so taking time to understand your system is key to protecting it. Create a log of all information assets, recording for each one:
- When it was purchased
- Where it is located
- What its IP address is
- What data is held on it
- What software versions are installed
- Licence keys
- Who maintains it
- Support agreements
- Who is responsible for it
KEEP YOUR SYSTEM UP TO DATE
Vulnerable applications, devices and operating systems are the target of most cyber attacks. Ensuring that these are patched with the latest updates greatly reduces the number of exploitable entry points.
Confirm that automatic updates are enabled, and if not, change the settings so that they are switched on. This is especially important for the following applications, which are known to have been exploited in the past:
Frequent checks should be carried out to ensure that the patching regime is working as intended. These checks should include but not be limited to:
- Devices are shut down and/or rebooted at least weekly
- Browsers are updated
- Adobe products are in support and updated
- Users should not be permitted to postpone updates indefinitely
- Windows 10/11 feature builds are current and supported:
  - https://learn.microsoft.com/en-us/lifecycle/products/windows-10-enterprise-and-education
  - https://learn.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro
  - https://learn.microsoft.com/en-us/lifecycle/products/windows-11-enterprise-and-education
  - https://learn.microsoft.com/en-us/lifecycle/products/windows-11-home-and-pro
- macOS is on a supported version (typically the current plus the last two major versions): https://support.apple.com/en-us/109033
- Spare/Backup/Work from home devices are turned on regularly to maintain updates and patches
- Software versions are still in support and licensed.
- Firewall/Device/Computer firmware is updated
- Firewall open ports and services are reviewed and closed when no longer needed
- If software is no longer needed, then it should be removed from devices
- Patch alerts are followed via services such as CERT & TechNet
Just as a regular service keeps a car running at its best, regular system maintenance keeps everything running well and secure. The “if it isn’t broke don’t fix it” approach just doesn’t work. PATCH IT and keep it PATCHED!
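As an added illustration (not part of the original tips, and not a tool supplied by the author), the Python below audits an asset log against the checks above: it flags blank inventory fields, devices not rebooted within a week, and software past its support date. The CSV column names, the last_reboot and support_ends columns, and all sample rows are assumptions constructed for the example.

```python
import csv
import io
from datetime import date

# Constructed sample asset log (no real devices or keys). Columns follow the
# asset-log fields listed earlier, plus two hypothetical tracking columns:
# last_reboot and support_ends (both ISO dates).
SAMPLE_LOG = """\
name,purchased,location,ip_address,data_held,software_version,licence_key,maintainer,support_agreement,owner,last_reboot,support_ends
reception-pc,2021-03-01,Front desk,192.0.2.10,Bookings,OS build A,KEY-0001,IT contractor,Yes,Office manager,2024-05-30,2025-10-01
spare-laptop,2019-06-15,Store cupboard,192.0.2.23,None,OS build B,KEY-0002,IT contractor,No,Office manager,2024-03-02,2024-01-31
accounts-pc,2022-09-09,Accounts,192.0.2.11,Payroll,OS build A,KEY-0003,IT contractor,Yes,,2024-05-29,2025-10-01
"""

REQUIRED = ["purchased", "location", "ip_address", "data_held", "software_version",
            "licence_key", "maintainer", "support_agreement", "owner"]
MAX_DAYS_SINCE_REBOOT = 7  # "at least weekly"

def _parse(value):
    """Parse an ISO date; return None when the cell is blank or malformed."""
    try:
        return date.fromisoformat((value or "").strip())
    except ValueError:
        return None

def audit_assets(csv_text, today):
    """Return {asset name: [findings]} for every asset with at least one finding."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        issues = [f"missing {f}" for f in REQUIRED if not (row.get(f) or "").strip()]
        rebooted = _parse(row.get("last_reboot"))
        if rebooted is None:
            issues.append("no reboot date recorded")
        elif (today - rebooted).days > MAX_DAYS_SINCE_REBOOT:
            issues.append(f"not rebooted for {(today - rebooted).days} days")
        ends = _parse(row.get("support_ends"))
        if ends is None:
            issues.append("no support end date recorded")
        elif ends < today:
            issues.append("software out of support")
        if issues:
            findings[row["name"]] = issues
    return findings

if __name__ == "__main__":
    for name, issues in audit_assets(SAMPLE_LOG, date(2024, 6, 1)).items():
        print(f"{name}: {'; '.join(issues)}")
```

The spare laptop in the sample is the case the checklist warns about: a device left switched off falls behind on both reboots and support.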
USE STRONG AND UNIQUE PASSWORDS
Denying access is a vital part of protecting any system. Weak passwords (e.g. a pet/child’s name) can be easy for someone else to determine so should be avoided. One should also refrain from reusing passwords or using the same password for many accounts.
Use 3 random words as recommended by NCSC.
In addition, password manager programs, such as 1Password or Bitwarden, can help to create and maintain a strong unique password regime.
ALWAYS CHANGE THE DEFAULTS
Most devices and systems come with factory default settings, usernames and passwords. These are well known and can often be overlooked when installing. Where practical and possible you should change these defaults.
Definitely change the default password if you cannot change anything else. Remember to use the guidance above for a strong password.
LIMIT USE OF THE ADMINISTRATOR PROFILE
Restricting administrator privileges to use only when necessary may prevent malware from running and limit its capability to spread through a network.
Therefore, do not run as administrator for everyday tasks; only work using the administrator profile when it is a requirement for the task in hand. This includes ensuring that users are not members of the local administrator group.
SETUP AND ENABLE A FIREWALL
All modern operating systems include a firewall. The firewall should be enabled and only limited applications allowed through.
For more advanced users it is worth considering filtering outbound traffic to limited applications and/or ports.
It is also important to ensure that the network has proper firewall protection with a dedicated hardware appliance.
INSTALL AND USE ANTIVIRUS SOFTWARE
While antivirus software may not be 100% effective, it is better to have some protection rather than none. This includes Apple Macs; although once much less of an issue, they are now more frequently a target of malware.
SOFTWARE
Unlicensed and pirated copies of software may contain malware or other threats to your system. Therefore, only use licensed software.
Remove software that is not used or required, as this will reduce the attack surface for the system. If it’s not needed or used, uninstall it. That includes all the “Free” software installed on new computers. A further advantage is that if it’s not installed, you do not have to waste time updating it.
CHECK THE INTEGRITY OF ANYTHING YOU CONNECT
Devices which connect to a system, e.g. via a USB port (memory sticks, external hard drives, phones, etc.), are often a source of malware and of attacks on systems. The use of USB devices should be controlled and limited to approved devices that have been checked for malware and wiped on a regular basis. These devices should also be encrypted to make the data useless should they fall into the wrong hands. DO YOU TRUST IT WITH YOUR DATA?
BACKUP, BACKUP, BACKUP
Having a backup is important as it helps with business continuity should you experience a cyber attack or unexpected loss of data and/or system.
This is best achieved by using an automatic backup system, preferably one that does not require an intervention to change a tape or drive, such as Mozy.
Use the 3-2-1 rule:
- At least 3 copies (Live version, local backup, remote backup)
- In or on 2 different formats (hard-disk, cloud)
- 1 of those copies off site
HAVE AN INCIDENT PLAN & KEEP IT UP-TO-DATE
Losing a system through cyber attack or other cause (fire, flood, hardware failure, etc.) can be incredibly damaging to a business, and many of the costs associated with recovering from such a situation can be made worse by the lack of an up-to-date recovery strategy.
Putting all of the above preventative measures into place can help to protect your business from being compromised, but having an effective recovery plan can minimise downtime and significantly affect how quickly and efficiently your business recovers.
And Finally
Turn it off when you don’t need it
Wi-Fi, Bluetooth, the device itself: power it down. If it is not switched on or online, it is hard to attack.
If you are unsure about how to effectively protect your systems, or how to initiate any of the above measures, contact us for advice. Baigent’s Information Security Services Ltd can provide affordable 3rd party assessments of your cyber security and provide guidance on areas where your security could be strengthened, as well as being able to offer Cyber Essentials certifications.