6 Ways your SMB can prevent a cyber attack
Over the last few years Lynx has been invited into a number of situations following a serious cyber incident at client sites. In some cases, this was more about partial recovery after a minor encryption outbreak. However, others were far more serious in terms of all data, including backups fully encrypted.
Below is a list of 6 key things you can do that may prevent such a horrendous situation for your SMB. They don’t cost the much and they may just save the business in the event of an attack.
1. Have a security strategy based around the 5 pillars of the Cyber Essentials accreditation.
These are basic but practical areas that identifies data and helps put some focus on security of the data. Even if you do not want to hold the accreditation, the principles are the important bits.
2. Make sure you have a layered approach to security.
It’s not all about the firewall protecting the edge of the network. Advanced endpoint protection, DNS checking, two factor authentication (and more security layers) all significantly reduce the risk of a cyber breach.
3. Make sure you have a Next Generation firewall that uses a subscription based real-time data checking.
The current crop of Next Gen firewalls uses cloud-based services that are updated all the time and can block threats in a much more holistic way. New threats are created all the time and the best chance you have of blocking them is using a firewall that is aware of the latest threats as they happen.
4. Review your Active Directory and Firewall rule sets on a regular (once a year minimum) basis.
Out of date users and poor password management have led to a number of security breaches. Some tools can help you scan AD to find out how many users have not logged in for six months etc.
5. Have an offsite backup, remove your backup servers from your domain and create ‘Jump’ management servers (that are also not on the domain) for RDP access to domain controllers.
If your network is breached the perpetrators look for active directory as the key to all the systems usernames and passwords. Once they have that they can compromise any system resource. However, by removing the backup server from AD and creating a management server which is the only remote server allowed to RDP onto domain controllers you can make things much more difficult to find. It goes without saying that having a copy of the data backup off site is a must when protecting data assets.
6. Make sure all of the key components are updated regularly.
A very high number of breaches are allowed to happen by manufacturer fixes on security devices that have not been applied yet. Manufacturers provide security updates and fixes all the time, but criminals can unpick these to find out what the vulnerability is. They then spend time looking for systems that have not been patched yet.
For more information or just a discussion about your security requirements, please call Lynx Networks on 01908 633833 or email [email protected] and ask for Mark Bird (Technical Director).
News, Articles & Case Studies
Lynx is sponsoring an entry in the Red Bull Soapbox Race at Alexandra Palace on 3rd July. Our friend Kevin Gibb has spent two years building the awesome Lumberjack or Lumberjill soapbox and his team will be competing against other amazing carts at the televised event....
As MD of Lynx Networks, I’m rightly concerned that, despite our layers of cybersecurity protection, one of our staff might click on a malicious link in an email.
Are you concerned that some of your users might succumb to a costly phishing attack? Lynx Networks has partnered with KnowBe4 to offer our customers automated cyber security awareness training software that utilizes simulated phishing attacks to test your users. It’s...