Follow the tips to improve your security posture
Why do I need Cybersecurity?
Cybersecurity is becoming a real epidemic. Reports of ransomware attacks, phishing attack and DDOS (Distributed Denial of Service) attacks are in the news daily. The motivation of the cyber criminal is to disrupt business operation and/or make the targeted business pay a ransom.Small businesses sometimes feel safe knowing their smaller size will discourage cyber criminals from targeting them. Unfortunately the data shows otherwise. The U.S. Congressional Small Business Committee found that 71 percent of cyber-attacks happened at businesses with less than 100 employees. 50% of small business had a cybersecurity incident in the past year. Small businesses are usually less secure due to lack of time, lack of budget and lack of knowledge of cybersecurity implementation and policy. Unfortunately this can make small businesses an easy target.
Perform a Risk Assessment
Knowing the value of what you are protecting will help in justifying security expenditures.
Create a Security Policy
Create a policy that clearly outlines company rules, job duties, and expectations.
Physical Security Measures
Restrict access to networking closets, server locations, and other critical infrastructure.
Human Resource Security Measures
Vet employees by checking references and conducting background checks.
Perform and Test Backups
Perform regular backups of data. Test data recovery for maximum effectiveness.
Maintain Security Patches and Updates
Regularly update server, client, and network device operating systems and programs.
Employ Access Controls
Configure user roles and privilege levels as well as strong user authentication. In addition to corporate policy credential policy, consider 2 factor authentication.
Test Cyber Incident Response
Create an incident response plan and test emergency response scenarios. Having a plan will limit the damage of a breach, and allow effective remediation.
Implement a Network Monitoring
Choose a security monitoring solution that is easy use and integrates with other technologies.
Implement Network Security
Use next generation security devices, IPS (Intrusion Prevention System), deep packet inspection including SSL (Secure Socket Layer) inspection, Identity awareness, URL Filtering, and DNS Security.
Implement Endpoint Security Solution
Enterprise level Endpoint protection software are effective and cost efficient. They track abnormal user activity to protect against hackers.
Educate users and employees in secure procedures. Awareness of Social Engineering tactics used to gain login information and access to confidential data is a great first line of defense.
Encrypt all sensitive company data. At a user level this can include encrypting hard drives particularly for laptop users.
Regulations like HIPAA, PCI DSS and ISO offer effective guidelines for developing security standards.
At Benchmark we work as the trusted IT advisor for our clients. We help clients by having a strategic focus, as well as encouraging forward planning. We help eliminate IT issues that keeps you up at night. We don’t want to be another vendor but rather a long-term partner for your business.
We're Here To Help!
1920 E NC hwy 54 #130
Durham, NC 27713