As you will have seen in the news recently, cyber-attacks such as vicious malware and DDoS attacks are increasing against western infrastructure. Everyone should consider taking some simple steps to help prevent their own organisation from being a victim. Cybercriminals don’t care about the nature or size of your business; they will attack any type.

If you use any online services, you should enable MFA on all accounts in the first instance. This will prevent most account takeover types of attack.

If you only deal with customers/emails from the UK or EEA, you should set up conditional access across your infrastructure to restrict attempted connections from other countries. Again, reducing the number of locations that are able to contact your organisation significantly reduces your attack surface.

Phishing is one of the easiest ways to get compromised, so look to ensure you have an email filtering system in place. Make sure your staff has recent and up-to-date training on how to spot Phishing attempts and that anything suspicious is reported so it can be investigated and blocked. You should also consider performing Phishing tests to confirm your training has been successful.

Anti-virus software needs to be enabled and up to date on all your devices. Updates should be applied to both the scanning engine as well as the definition files (if used). Hybrid working presents further challenges with staff possibly accessing company resources from personal devices. Policies should be in place to require minimum baseline security standards for all devices accessing company resources with conditional access to enforce these. Remember that no software is 100% reliable and zero-day exploits could be present in the software. The best defence is to only download and use software and files from trusted sources.

If you don’t have a web content filtering system in place, look to see if your existing equipment can be configured/enabled to start filtering your web traffic. Web filtering can do much more than just blocking undesirable sites while browsing; it can also filter links in emails that could be related to phishing.

Personal mobile devices connecting to the corporate network should be isolated in their own network. New attack vectors are targeting mobile devices and if compromised, could spread to the corporate network.

All devices should have the operating system updates turned on and up to date. Microsoft-based devices should ensure the Windows updates are enabled and up to date. Linux devices should have updates run at regular intervals. 

Don’t forget your router/firewall/edge devices. The firmware on these also needs to be updated. These devices often get overlooked when it comes to updates, but they are critical to your network security.

Security Information and Event Management (SIEM) system is a software solution that aggregates and analyses activity from many different devices on your network and can give you a complete picture of the activity on your network. Depending on your attitude to risk, these systems can provide early detection of possible attacks taking place.

At Jungle IT, we take your security very seriously. We follow industry best practices regarding security and have confirmed with our partners that they have taken all possible steps to protect customers from cyber risks.

Finally, tested business continuity and disaster recovery plans should be in place to allow your business to function in the event of an attack. Putting thought into forward planning will mean that your business can be up and running again as quickly as possible in the event of a disaster.

To find out more, please contact david.blythe@jungleit.co.uk.