10 Steps to Cyber Security in your business
Here are our top 10 steps to help you be as close as you can to secure your network against all sort of threats.
1. Removable Media Controls
Produce a policy to control all access of removable media. Limit media types and use. Scan all media for malware before importing into the corporate system.
2. Home and Mobile Working
Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline build to all devices. Protect data both in transit and at rest.
Establish a monitoring strategy and develop supporting policies. Continuously monitor all ICT systems and networks. Analyse logs for unusual activity that could indicate an attack.
4. Network Security
Protect your networks against external and internal attack. Manage the network perimeter. Filter out unauthorised access and malicious content. Monitor and test security controls.
5. Managing User Privileges
Establish account management processes and limit the number of privileged accounts. Limit user privileges and monitor user activity. Control access to activity and audit logs.
6. Incident Management
Establish an incident response and disaster recovery capability. Produce and test incident management plans. Provide specialist training to the incident management team. Report criminal incidents to law enforcement.
7. Malware Prevention
Produce relevant policy and establish anti-malware defences that are applicable and relevant to all business areas. Scan for malware across the organisation.
8. Data Breach Notifiers
Protect your network against internal and external data breach attempts. Install the devices that would alert immediately if someone is sniffing around your important data.
9. User Education & Awareness
Produce user security policies covering the acceptable and secure use of organisation’s systems. Establish a staff training programme. Maintain user awareness of the cyber risks. Read this article for more info.
10. Secure Configuration
Apply security patches and ensure that the secure configuration of all ICT systems is maintained. Create a system inventory and define a baseline build for all ICT devices.
A new Windows vulnerability actively exploited using phishing attacks
Early this month Microsoft has published a note on a critical vulnerability that allows attackers to fully gain access to the user device known as MSHTML remote code execution and CVE-2021-4...More
Windows zero-day vulnerability HiveNightmare aka SeriousSAM
HiveNightmare is one of the Windows zero-day vulnerabilities that is currently exploited in the wild. It is also known as SeriousSAM (CVE-2021-36934) due to the nature of the attack includes...More
We are nominated - Making the Difference award through the Northern Star Business Awards AGCC
The finalists have been announced for the Northern Star Business Awards, the Chamber’s annual accolades for successful businesses in the region and TechForce has been shortlisted for Making ...More
Kaseya REvil Ransomware Attack From Our Cybersecurity Specialist Harsh Panchal
Kaseya is one of the largest Managed Service Providers (MSPs) who manages and provides various IT and Cybersecurity services around the world. One of the services is called Kaseya VSA.More
FOR LATEST UPDATES SUBSCRIBE HERE: