In today’s technological world, businesses cannot function without technology, putting them at risk of cyberattacks every day. While organizations are steadily increasing their budgets for cybersecurity, the number of incidents have only increased in frequency and in severity over the years.
Today’s hackers evolve as quickly as technologies do, which forces businesses to be proactive in the way they manage their cybersecurity. Here are five cybersecurity best practices that companies of all sizes can apply to mitigate the risks of an incident.
1. Create backup copies
This point, while incredibly important, is often overlooked by a lot of organizations no matter their size. It is essential that they create backup copies of everything they consider important for their usual operations, whether it’s virtual machines, databases, internal servers, etc.
Not only should they create backup copies, but they should host their backups using external services to avoid catastrophic events similar to what happened to VFEmail, who had their entire company wiped out in a matter of hours due to a destructive attack. All of their critical data, cloud infrastructure and backups were formatted before they could do anything about it.
Companies should also insist on using “unlimited copies” services, which creates backup copies any time a modification is done to a file, rather than creating backup copies following a set schedule. Should an organization be hit with a ransomware attack, they will be able to revert to the exact state they were in at the moment they were attacked.
2. Establish and enforce password policies
Password policies are one of the easiest ways to secure your company out of these 5 cybersecurity best practices.
Not only should employees have strong passwords used exclusively at work, but a password should never be re-used across the organization. For example, your network administrators should never use the same password across all the technologies they manage. When a hacker is able to compromise one password – whether it was poorly encrypted within the system or found elsewhere – they will attempt to use it everywhere to authenticate within the system, sometimes allowing them to gain access to very critical components for your company.
When a database is breached by a hacker, similar to the LinkedIn Breach, passwords are sold online on the dark web, which is usually the first thing a hacker will look out for when trying to hack a company. If an employee uses the same password for their work as they do in their personal life, it’s very likely that this password has already been leaked online and that it will be used by hackers to attempt signing into various technologies used by the company.
Hackers also use advanced tools that leverages a combination of dictionaries, common password lists, and common password patterns (For instance: word + numbers + symbol) to create a password-cracking algorithm that attempts millions of password combinations within minutes. Having a strong password policy helps prevent the use of these tools. (For example, requiring the use of randomly generated passwords using password managers such as LastPass that are nearly impossible to crack with these advanced tools)
This password policy should also require multi-factor authentication wherever possible. Examples of MFA include:
- Magnetic card strips
- Security card codes
- Passcodes (such as a PIN) sent on their mobile devices
- Biometrics (such as fingerprints or facial recognition)
- Challenge/Response (User answers question usually involving personal information only they would know)
MFA provides an extra layer of protection in the event that a password is leaked or found within your system. If these password best practices are respected and that all passwords are changed on a regular basis, you will mitigate a large portion of the cybersecurity risks within your organization.
3. Train employees on cybersecurity best practices
Employees who regularly process emails should be thoroughly trained on cybersecurity best practices. Human error was the cause 90% of cyberattacks last year, most of which happened because of phishing. (The act of sending a coercive email to infect a system and sometimes even gain access to their system)
Phishing attacks have led to some of the biggest cybersecurity incidents in history, such as the NHS ransomware attack which interrupted patient care for a week across various medical centers in the UK. These attacks require the least amount of effort for hackers to perform and can have dramatic consequences.
We regularly perform phishing tests with our clients to determine the level of awareness of their employees towards the risks of phishing, and we have noticed alarming trends that reveal most companies fail to provide proper training for cybersecurity risks associated with phishing.
Employers should provide their employees with examples of phishing attacks and explain the likelihood that they are also affected by them. When uncertain of their employee’s awareness, they should look into performing phishing tests to provide evidence to their employees of the risks that it could represent for their company.
4. Update your software as soon as updates are available
Most people are annoyed by the prospect of updating their OS and software, but they should never take it lightly. The majority of patches are released for security purposes which is why they should never be neglected.
For instance, Microsoft recently released an emergency update for Internet Explorer to patch a vulnerability that could have allowed hackers to gain full admin access to the user’s computer.
Hackers are always on the lookout for these vulnerabilities, and they are part of their toolkit which they will attempt to leverage every time the opportunity arises.
5. Beware of user privileges
Recent data breaches (such as the Desjardins data breach) proves that no chances should be taken when it comes to user privilege.
A malicious employee with more privileges than they should have could easily access sensitive data, make copies and sell them to malicious actors on the dark web. This leak of information could result in hefty fines in privacy law breaches, important reputational damage that is hard to recover from and the exposition of trade secrets – even technical information – that could later be used by hackers to gain access to your critical systems or sold to your competitors.
Companies should regularly audit their internal systems to ensure that the user privileges are properly respected by their infrastructure. While user privilege is often well determined and users are usually given the least amount of privilege possible within their ecosystem, it can often be very easy for those users to escalate their privileges or to exploit their way out of their limited privileges.
These 5 cybersecurity best practices, while easy to apply, are often overlooked and left aside which leaves organizations open to various kinds of cybersecurity incidents that can be hard to recover from.
Need to test the awareness of your employees, audit your user privileges, or verify that these best practices are being respected within your company? Contact our experts to find out the strength of your cybersecurity in the face of modern hackers.