6 Ways your SMB can prevent a cyber attack
Over the last few years Lynx has been invited into a number of situations following a serious cyber incident at client sites. In some cases, this was more about partial recovery after a minor encryption outbreak. Others, however, were far more serious, with all data, including backups, fully encrypted.
Below is a list of 6 key things you can do that may prevent such a horrendous situation for your SMB. They don’t cost much and they may just save the business in the event of an attack.
1. Have a security strategy based around the 5 pillars of the Cyber Essentials accreditation.
These are basic but practical areas that identify data and help put some focus on the security of that data. Even if you do not want to hold the accreditation, the principles are the important bits.
2. Make sure you have a layered approach to security.
It’s not all about the firewall protecting the edge of the network. Advanced endpoint protection, DNS checking, two-factor authentication (and more security layers) all significantly reduce the risk of a cyber breach.
3. Make sure you have a Next Generation firewall that uses subscription-based real-time data checking.
The current crop of Next Gen firewalls uses cloud-based services that are updated all the time and can block threats in a much more holistic way. New threats are created all the time and the best chance you have of blocking them is using a firewall that is aware of the latest threats as they happen.
4. Review your Active Directory and Firewall rule sets on a regular (once a year minimum) basis.
Out of date users and poor password management have led to a number of security breaches. Some tools can help you scan AD to find out how many users have not logged in for six months etc.
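One way to run the stale-account scan described in item 4, as an added example that is not Lynx's own tooling. It assumes the Microsoft ActiveDirectory PowerShell module (RSAT) is installed and that you have read access to the domain; the 180-day threshold and the output file name are assumptions to adjust.

```powershell
# Added example: list enabled AD users with no logon in roughly six months.
# Read-only: nothing is disabled or deleted; the output is a review list.
Import-Module ActiveDirectory

$InactiveDays = 180                       # "six months" from the text; adjust to policy
$Cutoff       = (Get-Date).AddDays(-$InactiveDays)
$ReportPath   = '.\stale-ad-users.csv'    # hypothetical output path

$props = 'LastLogonDate', 'PasswordLastSet', 'PasswordNeverExpires', 'whenCreated'

$stale = Get-ADUser -Filter 'Enabled -eq $true' -Properties $props |
    Where-Object {
        # LastLogonDate is derived from lastLogonTimestamp, which can lag real
        # activity by up to about 14 days, so treat borderline rows as approximate.
        if ($_.LastLogonDate) {
            $_.LastLogonDate -lt $Cutoff
        } else {
            # Never logged on: only report if the account is not newly created.
            $_.whenCreated -lt $Cutoff
        }
    } |
    Select-Object SamAccountName, Name, LastLogonDate, PasswordLastSet,
                  PasswordNeverExpires, whenCreated, DistinguishedName |
    Sort-Object LastLogonDate

$stale | Export-Csv -Path $ReportPath -NoTypeInformation

# Short summary for the review meeting.
$total       = @($stale).Count
$neverLogged = @($stale | Where-Object { -not $_.LastLogonDate }).Count
$noExpiry    = @($stale | Where-Object { $_.PasswordNeverExpires }).Count

Write-Output "Enabled users inactive for $InactiveDays+ days: $total"
Write-Output "  of which never logged on:                  $neverLogged"
Write-Output "  of which password set to never expire:     $noExpiry"
Write-Output "Report written to $ReportPath"
```

Service accounts often appear in this list; confirm ownership before disabling anything.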
5. Have an offsite backup, remove your backup servers from your domain and create ‘Jump’ management servers (that are also not on the domain) for RDP access to domain controllers.
If your network is breached, the perpetrators look for Active Directory as the key to all the system usernames and passwords. Once they have that, they can compromise any system resource. However, by removing the backup server from AD and creating a management server which is the only remote server allowed to RDP onto domain controllers, you can make things much more difficult to find. It goes without saying that having a copy of the data backup off site is a must when protecting data assets.
6. Make sure all of the key components are updated regularly.
A very high number of breaches are allowed to happen because manufacturer fixes for security devices have not been applied yet. Manufacturers provide security updates and fixes all the time, but criminals can unpick these to find out what the vulnerability is. They then spend time looking for systems that have not been patched yet.
For more information or just a discussion about your security requirements, please call Lynx Networks on 01908 633833 or email [email protected] and ask for Mark Bird (Technical Director).