Cybersecurity & Mobile Security Tip for Businesses!

Cybersecurity is becoming more and more of an issue for businesses, as security attacks are evolving at an alarming rate. Last year in particular saw a number of high profile security breaches, such as; Heartbleed and Shellshock, positioning cybersecurity as a major concern for businesses and individuals alike. So here are 10 tips on how to protect your business against cyber-attacks:

1.       Establish basic security practices and educate all of your employees in these practices. This will help ensure all of your employees understand how to handle and protect vital business and customer information.

2.       Make sure all computers and networks are protected, by making sure that anti-virus, anti-spyware and firewall software is installed and kept up to date on all corporate PCs. It is also in good practice to schedule regular anti-virus scans on all PCs.

3.       Protect your internet connection with firewall security and make sure that firewalls are maintained. It is also important to make sure that employees who work from home have a secure internet connection.

4.       It is vital to keep your operating system and all your software up to date, by installing the latest updates and security patches. Updates can be set to install automatically, saving time and ensuring they are installed as soon as they are available. (Cyber criminals will take advantage of vulnerabilities found in out of date or unpatched software)

5.       Employ some form of disaster recovery and backup strategy, to regularly backup all of your data. In the case that your computer does become infected, you will be able to restore all your files once the malware has been deleted.

6.       Don’t allow unauthorised individuals to use business computers and secure your Wi-Fi network with passwords (preferably not the password that the device came with).

7.       Ensure all employees use a strong password, one that uses a mix of numbers, upper and lower case letters and symbols. Also make sure passwords are changed regularly.

8.       Limit employee’s access and authority according to their roles. Only provide access to the specific data systems that are needed to carry out their roles.

9.       Make sure all employees know to avoid opening emails or email attachments from unknown sources or that don’t appear to be legit. It is often the case that email attachments carry malware so be cautious and one infected PC could put the whole network at risk.

10.   Enforce strict rules about installing new software and only install software from trusted sites. 

       The number of businesses allowing for BYOD is increasing, and so it is important for them to keep their data secure on all devices. Malware is not just a problem for PC’s, as cybercriminals have taken to hiding their malicious codes inside mobile apps. So we have some Security Tips to protect your Mobile Workforce.

7 Tips for a Secure Mobile Network:

1.       Don’t let mobile security be your blind spot; mobile devices need the same protection as your corporate PC’s, so implement security precautions on all mobile devices.

2.       Add security measures to your wireless network - a password or security key can keep unauthorised devices from accessing your wireless connection. Encryption technology can also help, by protecting the information transmitted through your network.

3.       Encourage employees who use mobile devices for business purposes, to password protect their devices and set them to lock within five minutes. Passwords act as a first line of defence should the device fall into the wrong hands.

4.       Educate your users about carefully examining app permissions before granting access. Most apps ask for access to many unnecessary features on your device.

5.       Develop a policy item to determine which apps can be downloaded or accessed via the corporate network. If an app has a weakness it is easier to hack, posing a threat to your corporate security.

6.       Lose it, Lock it, Wipe it - download an app on your mobile devices that allows you and your employees to lock and wipe the device in the event of theft or loss. Should your device be gone for good such apps will enable you to wipe all of your data including text messages, contacts, photos, email, browser history and user accounts.

7.      Update apps as soon as you are prompted to, as updates can include fixes to new vulnerabilities and exploited security gaps.

For any more information on how to keep your corporate date secure, contact one of the team on 01723 587240

Read More

Mobile Security - A Business Must Have!

Mobile security is becoming increasingly more important for businesses; due to the significant increase in bring your own device (BYOD) workforces. Companies put a lot of effort into building up their network defences for PCs, however most seem to overlook smartphone security, but there are now a great deal more mobile devices than PCs.

The BYOD policy has completely changed the way in which organisations need to approach their network security. Mobile devices have the ability of working inside and outside of the corporate network and can automatically connect to the corporate system, accessing sensitive data and then connect to other networks outside of the organisation. This is all done while bypassing the intense security measures built for PCs, potentially exposing your company data. 

Symantec’s 2013 Norton Report showed that nearly half of smartphone and tablet users don’t use basic precautions such as passwords and security software and that 57% were unaware that security solutions are available for mobile devices. Also according to a study from BT, 41% of UK organisations were hit by mobile security breaches. These are worrying statistics for organisations which allow for BYOD, and so it is important to make sure everyone in your organisation is aware of the importance of mobile security.

Loss and theft both pose a big threat to mobile security, as mobile devices are more vulnerable to loss and theft than PCs. Once lost or stolen any corporate data is at risk without proper security in place, such as passwords, encryption, multi-factor authentication app or apps that allow you to remotely wipe your device in the event that it is lost or stolen. 

Applications also pose one of the biggest threats to mobile security as the number of organisations building their own apps to fit their business needs is growing, with 48 % of businesses expecting to increase their mobile app budgets. Purpose built apps are useful for businesses, however they are also the weakest point of entry for cyber-criminals. Applications have to ask for access to many features on your device, however very few users examine these permissions, making it easier for malicious app developers to gain unnecessary permissions.

While applications, loss and theft pose some of the biggest threats to mobile security there are other threats that you need to protect yourself from. Lookout have suggested that mobile security threats usually fall into one of the following four key categories; application-based, web-based, network-based and physical. Each of these categories can be broken down into further threats, details of which can be found here.

Keep watching our blog for tips on how to keep your business protected from mobile and cybersecurity threats.

Read More

Cybersecurity set to be big issue for Businesses...

Last year saw a number of highly evolved cyber-attacks and data breaches across the globe, with server vulnerabilities such as Heartbleed and Shellshock taking center stage. As a result of the number of high profile security breaches and cyber-attacks, Cybersecurity has been positioned as a key priority for organisations in 2015.

Cyber-security attacks are evolving at an alarming rate, and so the cyber-security products available to businesses are rapidly evolving to keep ahead of cyber criminals.  Therefore it is more important than ever for businesses to keep up to date with the latest versions and updates of their firewalls, antivirus software, intrusion detection/protection systems, VPNs or any other security they may have in place. On top of this it is a good idea for businesses to reassess their cybersecurity practices periodically to ensure they have the best protection available to them.

Cyber security threats come in a wide range of shapes and sizes, such as; malware injection, phishing, social engineering, internal stealing of data among others. However ransomware has been one of the most common forms of malware used over the past few years, and Symantec’s 2014 Internet Security Threat Report noted that ransomware attacks grew by 500 percent in the latter part of 2013. Scammers also continued to run profitable ransomware scams last year, with Cryptolocker making up 55 percent of all ransomware in October 2014 alone.

With the wide range of security products available for businesses, such as; anti-viruses, firewalls, encryption software, intrusion detection/protection systems, it is easy to overlook the need for secure passwords. Passwords still provide the first level of defence against hackers and so it is still important to make your passwords as secure as possible. So why not make sure your password isn’t on SplashData’s worst passwords of 2014 list:

1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. 1234
8. baseball
9. dragon
10. football

The full list can be found here… “Worst Passwords of 2014”

Read More