How SAM and Employee Training Effectively Combat Cyber Attacks
Protect your Business from Cyber Attacks with Software Asset Management and Employee Training.
“TalkTalk hack is ‘wake-up call’, say UK security officials” – Financial Times
“British Gas data leak is third major UK security breach in a week” – Telegraph, UK
“Marks and Spencer website leaks customers’ details” – BBC
The media has made us all aware of the disruption a hacked IT network and Infrastructure can cause to our business. Yet, most businesses (particularly Small and Medium Businesses) do not fully appreciate cyber security threats.
Whilst some of the big names rely on cyber security companies and experts, there are a number of foundational steps every business can adopt to make their Network and IT Infrastructure safer.
The two most important basic elements of minimising cyber security threats are:
1. Frequent employee training on cyber safety
2. Managing and Monitoring your IT Infrastructure
Cyber Safety Employee Training:
Most security experts suggest that the greatest cybersecurity threat facing a business is a failure to train its employees. Accidentally opening malware from an email, using weak passwords, or exporting information to personal devices will each increase the cyber threat substantially, and all of these can be avoided and controlled by regular lunch-and-learn type cyber safety training.
Employee awareness and education can be planned around:
1. Computer Security
Training on how to protect your devices from hackers, scammers and identity thieves
Training on avoidance, detection, and getting rid of viruses and spyware
Guidelines on how to spot and manage phishing emails/messages.
4. P2P File-Sharing Risks
Awareness of cyber risks whilst sharing information on a P2P network
5. Wi-Fi Networks
Best practices on using public Wi-Fi zones without exposing personal/business information
Managing and Monitoring your IT Infrastructure
The first step towards building tight controls over your IT Infrastructure is to assess the IT and Information risks with the same rigour as you would apply to acquiring customers, understanding competition, financial projections and organisational success.
Most companies do not enjoy the right level of support from their board or key stakeholders when it comes to Information Security. Information Security risk involves Employees, Cloud Computing, IT Infrastructure and Suppliers, so getting the buy-in from the leaders of your organisation is a critical factor for success.
Once you have mapped out the key risks, the next step is to document your Information Risk Management Guidelines. As with most elements within your organisation, communication plays a vital role in spreading the awareness and educating your organisation on following the information management guidelines.
Manage your IT Infrastructure by focussing on the below areas:
1. Secure Infrastructure Configuration
Your IT Infrastructure should be developed to secure baseline builds. Manage system configuration by each department. Disable any unnecessary features from your Information Systems and keep them patched against known bugs or gaps. Failing to do this will expose your business to threats and vulnerabilities, and increase risk to the confidentiality, integrity and availability of systems and information.
2. Fundamental Security of Your Network
Only connect to trusted networks. Adopt well-proven and validated network design protocols to configure your network perimeters and internal network segments. All network devices should ideally be configured to the secure baseline build (this can be challenging if you have a Bring Your Own Device (BYOD) policy).
The Network Perimeter is the right place to filter your required traffic. Another fundamental principle is to monitor your traffic for unusual or malicious activity—often these are signals of attack or attempted attack.
3. User Privileges Management
Simple and Sufficient are the two principal themes when it comes to the management of user privileges. Avoid having multiple templated user privilege accounts by user type – Manager, Senior Manager, Director, VP etc. Avoid the complexity with simple and effective templated privileges. Common protocols, like ‘software installation can only be administered by the IT team’, should be adopted.
Multiple walls should be built around access to sensitive information. Any access or attempted access to unrequired or sensitive information should be tightly monitored.
4. Incident management
Your incident response team should be able to tackle a full range of incidents. The best way to keep on top of your incident management is to test it regularly (testing should reflect real-life scenarios and should not be treated as a formality). Specialist training is required in most cases to properly manage incidents and disaster-related situations.
5. Malware prevention
Typical entry points for malware are email, online browsing, removable media, client machines and personal devices. A strong policy as well as good monitoring of activities is essential. Well-proven anti-virus systems that actively scan all your incoming and outgoing traffic for malware are a must.
Monitor all your systems using Network and Host Intrusion Detection Systems (NIDS/HIDS) and Prevention Systems (NIPS/HIPS). Adapt your monitoring policies based on previous incidents and intelligence. Use reports and stats on security threats like botnets, hacking, trojans, denial of service (DoS) attacks and information leakage.
7. Removable media controls
Data transfer to removable media should be avoided. Where this is not possible, provide devices that are monitored and managed by the business. Monitoring becomes a challenge in such situations, so it is highly recommended to adopt a no-data-transfer policy.
8. Home and mobile working
Connecting via VPN for mobile working situations should involve multiple security layers. Secure Remote Working training sessions should be arranged frequently for remote/mobile employees.
There is no doubt that most of the above requires resources and time, but it will be cheaper than managing a post-cyber-attack situation. An easier way to manage most of the above tasks is to implement an effective Software Asset Management (SAM) or IT Asset Management Software. You can shortlist, review and compare UK-based SAM Software options with our tool.