The past few years have been among the most challenging for most businesses. Lockdowns, staff reductions, and reduced revenues resulted in the demise of many businesses. For those who remained, the new onuses brought about by supply chain concerns and inflation present even greater reasons for maximum resilience in order to survive. With all the physical challenges of running a business, it is equally important for businesses to revisit their cybersecurity preparedness to make sure that they can best protect the valuable information that keeps the business running.
Perhaps the biggest threat to a business today is the possibility of ransomware. According to a recent survey, most business owners place this as a top concern. This is not an irrational fear, as ransomware can cripple, or even terminate a business. While it is surprising to note that one source has witnessed a remarkable decline in global ransomware activity, the threat is still very present. Many of the cyber threats that imperil businesses can be significantly reduced with 5 steps that form the foundation of a good security plan.
1. Backups are a Key to Survival
Data corruption is not always the result of a crime or malintent. Sometimes, data can get erroneously altered or deleted as a course of a natural event, such as a power outage. This is why it is important to have solid backup plans in place. The best backup strategies include timely rotation of backups, and ensuring that backups are stored online for fast retrieval, and offline in case of a ransomware event that corrupts the online data stores. Data destruction is also a vital part of a data plan. The Computer Information Security Administration (CISA), and the National Institute of Standards and Technology (NIST) offer authoritative information about data backup and media sanitization practices.
2. Defense in Depth
No single security method can protect against all the possible threats that exist. Cybersecurity professionals often speak of the principle of “defense in depth.” This can become as complex as imaginable, but the best way to start implementing this layered security schema is by taking the easiest steps possible that present the biggest criminal deterrents. Two methods that can immediately protect your organization are Multi-Factor Authentication (MFA), and data encryption. MFA can protect against unauthorized access, and encryption can protect data even if it is stolen. These two small steps can make an enormous difference in your security resilience.
3. Patch and Update
Another basic security technique is to keep your operating systems, software, hardware, and applications updated to the latest versions recommended by the manufacturers. The easiest part about this security practice is that the work is done by the vendor. They have as much of an interest in keeping a product running at its best, as it reflects poorly if their product becomes unstable. The challenge to the business is to schedule the most efficient time to apply the fixes, and to make sure that the updates do not harm any other dependent processes. However, it is worth the effort to build patching and updating into the normal business calendar, as a failure to do so can introduce vulnerabilities into the environment.
4. Invest in Protective Software and Hardware
There are many security products that can protect your data. With some careful due diligence, your organization will be able to find the best ones that work well, while fitting within the organization’s budget. In most cases, a good vendor will help to guide you in the right direction as well.
5. Employee Awareness
A simple victory can be achieved by helping your staff to understand exactly what their security attentiveness brings to the business. Let them know what you are protecting, how to best protect it, and why it is important. In most cases, your staff will be responsible for protecting your data equally as much as all the technical controls that you can put in place.
Business owners have enough to worry about on a day-to-day basis just to keep the business afloat and profitable.By taking five simple steps, a business can begin to significantly reduce its exposure to online attacks and focus more on business success.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.