Top 10 Business Cybersecurity Tips
In times of new technologies and constant progress in the field of IT, the security of an organization's personal data and important documents is very important. Large corporations increase the security of their platforms every year, but it is worth taking care of your own company's cybersecurity yourself. That is why we have prepared the top 10 cybersecurity tips for companies.
Use antivirus software at the gateway level
The main source of viruses and other malicious code is the Internet. By installing an antivirus at the gateway level, you protect all computers on the local network at once, because it checks the traffic passing through the proxy server. Do not forget to set the antivirus gateway as the proxy server for each user.
State-owned companies need to use solutions certified by the FSTEC, such as Kaspersky Lab antivirus. In addition, in the universal security gateway Traffic Inspector Next Generation, you can use the free ClamAV plugin, as well as connect another antivirus that supports the ICAP protocol.
Use Intrusion Detection/Prevention System (IDS/IPS)
Attacks on the computer networks of organizations occur mainly from the outside. Hackers can target both an external resource (for example, a website) and an internal one (for example, a database). The solution is an attack detection/prevention system (IDS/IPS), which recognizes the sources of attacks and the attacked machines by certain signatures of network traffic and “cleans” traffic from such negative impacts. In addition, the system notifies the administrator about what is happening and creates action reports so that they can be used to investigate intrusions.
One of the most popular IDS is Suricata. The signature database contains an up-to-date list of computer attacks, and you can also connect the signature databases of another popular attack detection system, Snort.
Use a proxy server to filter network traffic
Often, the system administrator is tasked with blocking unregulated actions of workstation users (watching videos, communicating in social networks, downloading “pirated” content). These actions not only take up working time, but can also lead to infection of the workstation. To prevent such actions on the proxy server, it is necessary to set rules for blocking access to certain web resources.
For example, the Squid proxy server allows you to configure rules for both incoming and outgoing traffic. In addition, the proxy server includes SSL-bump tools that can decrypt secure traffic (HTTPS).
Use Virtual Private Networks (VPNs)
If an organization has branches, it is undesirable to use open channels to exchange information between them. In addition, an employee's remote access to the office network is a threat (corporate networks are often hacked using Wi-Fi in hotels and other public places).
Regularly check the security of the local network
Several dozen types of vulnerabilities are identified monthly in operating systems, as well as electronic document management systems and other common software. The system administrator should regularly check the computers under his control for vulnerabilities and eliminate them. Vulnerability scanners at the application level help in this, as well as low-level tools, such as a port scanner, to identify and analyze possible applications and protocols running on the system.
UTM solutions usually contain security scanners. For example, Traffic Inspector Next Generation has GoLismero, an integration framework for security scanners with an emphasis on web security, as well as OpenVAS, Webspider, Netmap, sqlmap and other scanners working on different profiles.
Study the regulatory documents on information security
Higher-level organizations or departments issue information security regulations and similar documents. As a rule, these are long and obscure texts written in clerical language. Ask the system administrator to highlight the essence of them and discuss with him the implementation of the main tasks they set.
Make sure that employees keep passwords securely
Make sure the staff understand the danger of revealing their passwords. A piece of paper with a password stuck to the monitor will give a hacker the key to the entire network. Make it a duty for employees to change passwords at least once every six months (for the most important employees, such as management and accounting, once a quarter). If a long password is difficult to remember, it can be divided into two parts: write one in a prominent place, and keep the other in your head.
Order a backup
Backup is the periodic recording of all digital data of an organization on an external storage device. If working data is lost, it can be restored from a backup. How often should you make backups, and how long should you store them? The best option is to save recent information often and store individual slices for a long time: for example, make backups every day, store the last 30 days, and also store slices made 2, 3, 6, 12 and 24 months ago.
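A retention planner for the schedule above, as an added example that is not part of the original article. It assumes one backup per day identified by its date, and it keeps the first backup of every calendar month for the full 24 months, because a daily pruning job can only hold a 24-month-old slice if that slice also survived every month before it; the function and constant names are illustrative.

```python
from datetime import date, timedelta

DAILY_DAYS = 30                    # article: "store the last 30 days"
SLICE_MONTHS = (2, 3, 6, 12, 24)   # article: slices made N months ago


def month_index(d):
    """Calendar months since year 0, so month ages are a subtraction."""
    return d.year * 12 + d.month - 1


def first_per_month(dates):
    """Map month_index -> earliest backup date seen in that month."""
    first = {}
    for d in sorted(dates):
        first.setdefault(month_index(d), d)
    return first


def plan_retention(backups, today):
    """Return (keep, delete) sets for a pruning run on `today`.

    A slice can only exist at month 24 if it survived months 1..23, so
    the monthly slice is kept for the whole horizon, not just at the marks.
    """
    first = first_per_month(backups)
    horizon = max(SLICE_MONTHS)
    keep = set()
    for d in backups:
        recent = (today - d).days < DAILY_DAYS
        monthly = (first[month_index(d)] == d
                   and month_index(today) - month_index(d) <= horizon)
        if recent or monthly:
            keep.add(d)
    return keep, set(backups) - keep


def slices_for_marks(kept, today):
    """Map each mark (months ago) to the kept slice for that month, or None."""
    first = first_per_month(kept)
    now = month_index(today)
    return {m: first.get(now - m) for m in SLICE_MONTHS}


if __name__ == "__main__":
    # Constructed sample: one backup per day for three years, pruned daily.
    store, day = set(), date(2021, 1, 1)
    while day <= date(2024, 3, 15):
        store.add(day)
        store, _ = plan_retention(store, day)
        day += timedelta(days=1)
    print(len(store), "backups kept")
    for months, d in slices_for_marks(store, date(2024, 3, 15)).items():
        print(f"{months:>2} months ago -> {d}")
```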
Train personnel in information security
The system administrator will explain the basic things, but it is advisable to approach the issue of training comprehensively using special courses (for example, Kaspersky ASAP). Make it mandatory for new employees to take courses.
Conduct periodic inspections
For example, set a task for the system administrator to simulate a hacker attack: send a mail message to all employees with a spoofed sender and a “virus” file in an archive (for example: the sender is the head of the personnel department, the subject is the New Year, the attachment is Work during the holidays.zip, and the file inside is a script that tells the system administrator on which computer the file was launched). Conduct explanatory work among those who opened the dangerous attachment.