I’ve had the unfortunate experience of helping a number of companies to overcome security breaches in the past and it’s doubly unfortunate when the breaches could have been prevented with a minimum of fuss and a little bit of effort. Below are the 5 most common issues we’ve encountered and how to avoid them.
1. Email Attachment
You’ve won the lotto, have a HRMC tax refund, Land Registry issue, the list goes on and on. But when you or your staff click that link your network security goes out the window. These links normally send trojans onto the infected computer and from there your network is the hackers oyster. Be prepared for being blacklisted (no longer able to send emails to customers), no email service in general and more.
- Don’t open attachments without verifying they are legitimate (your best friends account could also be hacked so there’s no guarantee that it’s safe).
- Install Anti-Virus and keep it updated
- Use a third party email filtering service
- Have a strong Firewall
Websites and Social Media are another way that infections can be downloaded to your computer. If a website is hacked the hacker can place a trojan piece of code to automatically download onto any computer accessing a website. After that as with email trojans you computer is at the mercy of the hacker.
- Pay attention to the listing in Google Search, often times a hacked website will be highlighted as such in the results.
- Install Anti-Virus and keep it updated.
- Ensure that your web browser is up to date and that the security settings are sufficiently high
- Have a strong firewall on your internet connection that analyses the traffic as it passes through.
Passwords are a great idea until you’ve 20 and can’t remember them. Solution? Use the same one of course, genius! ..or not. When you use the same password for 20 sites and the 20th site is less secure than the rest then when the credentials are hacked so are the other 19 sites. Also if it’s an easy password then a script kiddy with an off the shelf bot can do some serious damage. Is your usename john, and password ‘Pass1’ or ‘Pa$$w0rd’ If so then a very simple password hacking script will likely gain access to your system at some stage in the future.
- Use complex passwords
- Use different passwords for each site
- It the above is difficult then consider a service such as LastPass
- Don’t be tempted to reduce password complexity or password refreshes on your network because it’s easier.
- Have a strong Firewall
4. Open WiFi
You’ve a guest wifi / internal wifi with no password. Any passerby can logon to your network and do as they please. It’s a more ‘local’ threat but you can be held liable to any damage done from your network outbound.
- Don’t have open wifi.
- Don’t allow guests onto your network (offer 2 WiFi zones, one internal one external)
- Use a managed access point such as Meraki devices.
- Have a strong Firewall (seeing a trend yet!)
Free software downloaded for x or y purposes. Torrents of the latest TV series. All potentially bringing with them malware and trojans that will kill your network.
- Use policies to prevent untested software installations
- Prevent Torrent downloads within the network.
- Have a strong Firewall with the correct rules
Moral of the story – Have a strong Firewall in place (ie not the one that came built into your generic modem!) with rules that protect your users from both the outside world and themselves. Have a few basic guidelines in place so staff are aware of the risks. And keep your systems up to date with security patches and Anti-Virus.