National Computer Security Day commences on the 30th of November, which aims to improve public awareness of cyber security issues and encourages maintaining individuals’ online safety. In a response to hybrid working, many businesses are re-evaluating their current cyber-security systems.
In a recent report undertaken by PwC, 66% of UK business owners believe the cybercrime threat will only increase over the next year, predominately fearing ransomware attacks, business email compromise, and viruses delivered via software updates.
IT Specialist BCN Group has provided seven of the fundamental basic security tips for businesses to incorporate across their IT systems for stronger protection against cyber threats.
1. Anti-Virus with Windows Defender
Ensure that every end-user device that has been assigned by the business comes with up-to-date anti-virus software. Microsoft will regularly provide updates and patches to ensure devices are protected from the latest threats. Microsoft 365 Enterprise license users will also have the power of Microsoft Defender Advance Threat Protection which will work in conjunction with Windows Defender Antivirus to provide live reporting and intelligence.
2. User Account Security
All devices need to be configured with security optimised passwords, usernames, and multi-factor authentication. Phishing scams are already on the rise as cybercriminals prey on the vulnerable and weak passwords continue to be the primary driver for breaches on a global scale. For many working from home this means that documents and conversations are more open to access from others, even if it’s just family.
Therefore, ensure that all programs have complex passwords randomly generated. All remote staff should be using a password manager. Businesses should also, as normal practice, activate Multi-factor Authentication (MFA) to all users as it provides an additional layer of protection by requesting approval, from a secondary device.
3. Remote Device Management and Encryption With 3 Microsoft Intune
Building secure device policies are key to keeping your business data safe. Enforcing device encryption, deploying password policies, enforcing update controls, receiving device analytics and alerts, and whitelisting applications should now be high up the priority list.
Deploying full disc encryptions across your mobile devices to negate the risk of data theft should the device be lost or stolen. Intune’s mobile device management platform allows you to control this security measure for all users from a single platform. More businesses are operating a Bring-Your-Own-Device (BYOD) policy, therefore, Microsoft Intune ensures that data is protected from more personal apps and ensures there is no cross-contamination.
4. Restricted User Controls with Advanced Threat for Protection
To protect business data, consider restricting user controls. For example, peripheral control: you can block the use of peripheral devices such as USB drives, DVD drives and restrict the use of things like Bluetooth and infrared being used on devices. Activate web filtering to block out pages from websites that are likely to include spyware, viruses or other objectionable content. Rights Management Policies being implemented is a good way to ensure that any sensitive files and data cannot be taken or passed on by both internal and external unauthorised users or devices.
5. Securing Access Back to Your Workplace
If your data is on the premise, then VPN connectivity is essential in providing secure access to your server. If your data is in the cloud, then users should enable multi-factor authentication on each device they access data through.
6. Secure Score
Microsoft Secure Score is available across all Microsoft 365 licences and provides a detailed report of all potential risks as well as recommendations and quick fixes to resolve them.
7. Ensure Employees Have Enough Cybersecurity Awareness
Cyber threat prevention can be simply improved by better education and awareness to your employees. Through online training of new security software’s your business is introducing frequent updates on merging security issues in this ever-changing environment.
Simon Heafield, Group Operations Director at BCN Group says: “Making your employees aware of the potential risks and procedures to take is at the core of all of these tips. Underestimating your employee’s role in helping prevent cyber risks can be so damaging for your business, as many of us have bad habits in terms of our personal internet security use outside of work.
"Therefore, we should be giving our employees clarity when there are new trends in the cyber security space for the most effective action on top of incorporating the right online software solutions."