When it comes to protecting a business from hackers and malware, there’s one thing the cybersecurity world can agree on:
There is no single product or software that will solve all your cybersecurity problems.
In today’s IT landscape, it takes many technologies and processes to provide comprehensive risk and security management. Accordingly, small to medium-sized businesses (SMBs) in South Africa should continually be checking their systems for vulnerabilities, learning about new threats, thinking like attackers, and adjusting their defences as needed.
Just as business premises are secured with multiple layers of physical security, such as barbed wire, burglar guards, and alarm systems, effective cybersecurity is no different. A multi-layered cybersecurity approach is vital for SMBs who are serious about threats like ransomware and pretexting impacting their data, productivity, and bottom-line.
In this article, we cover the must-have solutions for multi-layered defence against cybercrime for SMBs:
(1) Antivirus Software
Modern antivirus software can protect against deadly ransomware, keyloggers, trojan horses, phishing, malicious URLs, spyware, and a whole host of other malicious attacks.
For SMBs, it’s imperative that your antivirus covers both the company network and individual devices. At one level, this ensures comprehensive coverage. And on the second level, it can help prevent a virus from spreading internally via your company network and infecting other employees.
At the same time though, never opt for a free antivirus. They lack important features – such as password management and device coverage – which are essentials for business cybersecurity.
Firewalls are your first line of defence against external threats. They monitor incoming and outgoing network traffic based on a set of configurable rules — separating your secure internal network from the Internet, which is not considered secure.
Additionally, firewalls are typically deployed as an appliance on your network and in many cases offer additional functionality, such as restricting employees from risky websites as well as VPN capabilities for added cybersecurity and provision for remote work.
(3) Patch Management
Cybercriminals design their attacks around vulnerabilities in popular software such as Windows 10, MS Office, Google Chrome, Zoom, Skype, etc. As vulnerabilities are exploited, software vendors issue updates – ‘patches’ – to fix them. As such, using outdated versions of software products can expose your business to security risks.
In a study by analyst firm Voke Media, it was revealed that 80% of data breaches or failed security audits could have been prevented with on-time patching or configuration updates.
Whilst another study found that 20% of all vulnerabilities caused by unpatched software are classified as High Risk or Critical.
The good news is that there are a variety of solutions that can automate patch management for your business. When configured correctly, these tools streamline patch monitoring and implementation across your company from a central point of control.
This is fundamental for not only cybersecurity but also for reducing downtime from having to manage patches and updates on each individual device.
(4) Password Management
A 2020 study by the World Economic Forum reports that weak and stolen passwords are at the heart of the rise in cyber theft – causing 80% of data breaches.
To mitigate this risk, businesses should adopt companywide password management solutions. Many people have a document that contains their password details in one easily accessible file — however, this is both unsafe and unnecessary.
On the other hand, password management software allows employees to keep track of all their passwords in a dedicated environment under extreme protection.
Encryption is also an important consideration. Encrypting hard drives ensures that data will be completely inaccessible even if, for example, a laptop is stolen.
And because threats like ransomware are always evolving, security solutions are just one part of an effective defence strategy. You need solutions in place that enable you to return to operations quickly if you do suffer a cyber-attack.
(5) The #1 Solution for Cyber Protection: Data Backup and Disaster Recovery
Frequent backups of all data considered critical to your business are critical. The exact frequency of backups will vary based on your business’ specific needs.
Traditionally, most businesses performed a daily backup, and for a tiny fraction of SMBs, this may still be suitable. However, modern backup solutions are designed to make incremental copies of data throughout the day to minimize data loss. Solutions that back up regularly allow you to restore data to a point in time before the data breach or cybersecurity attack occurred.
Remember, if you only backup your files daily, you’re still vulnerable to the loss of an entire day’s work. For example, you perform a backup at 6 pm every night. If a primary server crashed at 4 pm the next afternoon, all data created and altered within those 22 hours would be lost.
Some data protection products can take image-based backups that are stored in a virtual machine format – essentially a snapshot of the data, applications, and operating system. This allows users to run applications from the backup copy. This functionality is typically referred to as instant recovery or recovery-in-place.
At iSite Computers, our version of this technology is called Instant Virtualization. The ability to run an application from the backup instance of a virtual machine allows your employees to continue working while the primary server is restored following an outage – and thus reducing downtime. Some solutions, including iSite’s, extend this capability to the cloud to protect against failures that impact primary and on-premise backup copies.
Take Action with this Cybersecurity Checklist for Your SMB
With the above multi-layered solutions in mind, it’s time to put them into practice. Use this checklist to make sure you cover the specifics when it comes to comprehensive cyber risk and security management for your SMB:
- Conduct a security risk assessment. Understand potential security threats (e.g., ransomware) and the impact they may have on your business (e.g., lost revenue). Use this information to consult with a local managed IT services provider and shape a security strategy that meets your specific needs.
- Train your employees. Because cybersecurity threats are constantly evolving, an ongoing semi-annual training plan should be implemented for all employees. This should include examples of threats, as well as instruction on security best practices (e.g., never use the same password for multiple accounts.) To learn more – Cybersecurity: Securing Your Small Business Starts with Employee Awareness & Training
- Protect your network and devices. Implement a password policy that requires strong passwords that expire every 90 days. Deploy firewall, VPN, and antivirus technologies to ensure your network and endpoints are not vulnerable to attacks. Consider implementing multifactor authentication. Ongoing network monitoring should also be considered essential. Encrypt hard drives and storage media.
- Keep software up to date. It is essential to use up-to-date software products and be vigilant about patch management. Cybercriminals exploit software vulnerabilities using a variety of tactics to gain access to computers and critical business data.
- Create straightforward cybersecurity policies. Have a clear set of rules and instructions on cybersecurity best practices for your employees. These will vary from business to business but may include policies on social media use, web browsing, ‘bring your own device’ (BYOD) policies, etc.
- Back up your data. How quickly can you recover if data loss grinds your business to a halt? Frequent backups are vital to recovering from data loss or corruption resulting from security breaches, power surges, hardware failure, and more. Use a modern data protection solution that takes incremental backups of data periodically throughout the day to prevent loss.
- Know where your data resides. Maintaining oversight of business data is an important piece of the security puzzle. The more places data exists, the more likely it is that unauthorized individuals will be able to access it.
- Control physical and virtual access. Use key cards or similar security measures to control access to facilities (such as the server room) and ensure that employees use strong passwords for their work devices, including smartphones and tablets. Keep your Wi-Fi secure with a Network Access Control (NAC) system and ensure former staff is blocked from your network as soon as they leave.
Developing a robust, multi-layered cybersecurity strategy can save an SMB from attack and downtime. By combining modern antivirus, firewall, patch, and password management safeguards, a business can dramatically decrease the likelihood of any breaches.
Lastly, a solid, reliable backup and recovery solution is the second and most essential layer of defence, allowing businesses to recover quickly and unscathed should things turn ugly.
Get Multi-Layered Protection for Your Business with iSite Computers
Established in 2008, iSite Computers works with SMBs in South Africa to implement multi-layered cybersecurity solutions that are tailor-made to the business and IT needs of our clients.
Our clients include law and accounting firms that trust with securing their sensitive data with the latest in comprehensive cyber protection.