Types of Cybersecurity Solutions for Small Business
Small Business Cybersecurity Topics
Backup and Data Recovery
We know a European company that did an excellent job protecting its network at both the firewall level and at its endpoints. Hackers tried to get in and failed. That was until they found a vulnerability in the company’s backup system, which wasn’t encrypted. From there, the hackers managed to pull down a backup of the server. That attack was like having full and uninterrupted access to the company’s network.
Many businesses face this vulnerability. They know the importance of regularly backing up their data but fail to encrypt it. It’s so common that it’s built into some hackers’ processes to leave successfully installed malware dormant for long periods, so the data backups also are infected when the target company is targeted with a ransomware attack. As a result, there’s no backup rescue and the targeted company might be forced to capitulate to the ransom demands – even though they were backing up their data.
Even “clean” backup files might take several days before the recovery process can be completed, which can be devastating to your business. Instead, look for backup and disaster recovery (BDR) services that can launch a virtual copy of your files in minutes as a temporary solution that keeps your business running while your server is rebuilt.
Long gone is the day when “password” can be your team’s preferred password. Hackers buy and sell lists of the most common passwords and patiently try them on their intrusion targets. They have all the time in the world (especially when the program scripts to do the work for them). Today, most businesses are much more sophisticated when it comes to knowing how easy it is to guess short and obvious passwords. Now they’re longer, alphanumeric, include at least one special character, and must be changed regularly.
But even that invites problems. One TPx client did a commendable job of mandating a safe password protocol. However, we recognized that their passwords were so long and complicated that we suspected proper steps weren’t taken to safeguard those passwords. We toured the premises after-hours and found sticky notes with written passwords on or near computer terminals or under keyboards in at least 30 percent of workstations!
Password managers solve both issues by enabling users to know only one master password translated into a unique encrypted password for each place a password is used. Most password managers use military-grade AES-256 encryption and keep the encrypted passwords in a virtually impenetrable vault. No cybersecurity tool is perfect, but a password manager is as close as you’ll get when it comes to keeping employee and customer passwords out of the wrong hands.
Multi-factor authentication (MFA) is the access process by which two or more means of authentication must be provided – not just a password – to gain access. The most common method asks users to respond to security questions with previously provided answers, such as mother’s maiden name, first car, favorite pet, etc. This approach isn’t foolproof since many of those answers might be found within the user’s social media content.
More recent and more trustworthy secondary verification methods include codes sent to external devices, such as users’ cellphones or wearable devices like Bluetooth-enabled bracelets. The idea here is that, while a data thief might have stolen a password, the hacker probably isn’t also in possession of secondary codes or users’ phones or other devices receiving it (though code hacking has occurred). MFA methods also are being developed to use biometric verification, such as users’ fingerprints or eye scans.
We all know that our Internet programs and files are under constant attack. As soon as software providers discover vulnerabilities, they issue a patch as a fix. Patches might also be released to update or improve systems. Your IT department understands the importance of applying these patches, but there are only so many hours in the day. Automated patch management is critical as an attack prevention strategy and should be part of your baseline solution.
Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR)
Benefits of Endpoint Detection and Response
- Protection for endpoint devices
- Next-gen antivirus
- Improved system reliability and performance
- Reduced downtime
- Increased employee productivity
Benefits of Managed Detection and Response
- MDR has all the benefits of EDR, plus:
- Advanced threat hunting
- Proactive threat mitigation
- Identifies more threats (antivirus alone misses 60 percent of attacks)
- Reduced dwell time
- Fully managed
- 24/7/365 monitoring that never sleeps (just like the bad guys)
DNS ProtectionIn addition, you can add Domain Name System (DNS) Protection, which provides an additional layer of protection between employees and the Internet by blocklisting dangerous sites and filtering out unwanted content. A secure DNS solution can be deployed to protect both in-office and at-home networks and typically provides:
- Content filtering
- Malware and phishing blocking
- Botnet protection
- Advertisement blocking
- Typo correction to prevent entry to malicious domains
- Improved lookup speeds
Need to strengthen cybersecurity for your business?
We can help! Get in touch with us below to speak to one of our experts.
"*" indicates required fields