Cybersecurity is a basic necessity: Why do you need to secure your office and your home?
Every day we spend more and more time in the virtual world, where we have no boundaries. Our devices are crucial for our daily routine tasks. We start our day with a phone, iPad or laptop, and we use it the whole day until we go to bed. Our phones and laptops give us the freedom to roam in this free world, but they also introduce many different risks. Our devices are primary targets of cyber threat actors; that's why cybersecurity has become a basic necessity for everyone.
As per a CNBC report from 2019, 43% of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves (according to Accenture). These incidents now cost enterprises of all sizes $200,000 on average, reveals insurance carrier Hiscox. More than half of all small businesses suffered a breach within the last year. Today, it's critical for small businesses to adopt strategies for fighting cyber threats.
Fortunately, you can secure your devices by taking the steps below.
Steps to secure a Small-Medium Business:
- Patch your OS and Applications: Always patch your OS and applications on time; this reduces the business's threat landscape.
- Harden your System and Applications: Always disable unnecessary features of the OS and applications.
- Network Security: Always create security zones on your network and secure your network perimeter with a Firewall.
- Web Security: Always configure web applications on a segmented network and secure them using web application firewalls.
- Host Security: You should secure your workstations and/or servers with anti-virus and application whitelisting.
- Email Security: Email is the top threat vector for cyber threats. An email security gateway can protect you and your employees by blocking phishing and advanced threats delivered through email.
- Tailored Security Awareness Training Program: People are the weakest link in cybersecurity, and every business has different crown jewels. To protect your business and its crown jewels, you need to train your people using a tailored security awareness training program.
- Vulnerability Management Program: Performing regular vulnerability assessments on your infrastructure provides insight that will help you prioritize your patching and configuration management.
- Limit the admin privileges: Always limit the admin privileges in your environment. The principle of least privilege needs to be mandated in the organization.
- Use Strong Password Policies: Organizations should use strong password policies as per the NIST Password policy.
- Data Backups: Organizations should perform data backups regularly. Backups can be beneficial in case you become a victim of ransomware or other types of data loss.
- Incident Response Plan Document: Businesses need to create an incident response plan document, so they know what needs to be done in case of a cybersecurity incident.
Steps to secure home devices:
- Keep your operating system (MS Windows, macOS, or Linux/Unix) up to date.
- Keep your applications (Adobe, MS Word/Excel, etc.) up to date and patch them regularly.
- Install anti-virus on your devices and always keep it up to date. Always purchase anti-virus from authentic sources.
- Do not use open or free Wi-Fi for internet access without a Virtual Private Network (VPN).
- Secure your email and social media accounts using Multi-Factor Authentication.
- Always use a digital password wallet to create and store unique passwords for your different accounts.
- Check for the following indicators of phishing emails or phone scams:
  - Urgency: If someone urgently asks you over email or phone to deposit money using gift cards, bitcoins or pre-paid cards, think twice about the request. Most probably, it's a phishing email or CRA scam.
  - Grammar Mistakes: Always look for grammar mistakes in the email. If you find many grammar mistakes in an email demanding something from you, it's probably a phishing email.
  - Free: Many phishing emails offer free things, like winning the lottery or some prince who wants to give you a share of his property. Most of these are phishing emails.
  - Threats: If someone threatens you over a phone call, saying that CRA/RCMP/IRCC/law enforcement is coming to arrest you if you don't pay your income tax or ticket, hang up the call immediately.
We (EPIC IT Security Ltd) will provide you with all the guidance and technology you need to secure your organization. Please contact us at [email protected] or call us at +1 587 208 3742.