In the digital era, cybersecurity is a significant issue. We’ve all heard about major corporate data breaches, but threat actors are increasingly targeting small companies. Whether your firm is a multinational conglomerate or a tiny sole proprietorship, it is critical to have robust and secure cybersecurity protection. Many cyber thieves see small businesses as easy targets when it comes to obtaining clients’ personal credentials, bank accounts, and other sensitive information. These threat actors – hackers – can also hold organisations to ransom through malicious software called ‘ransomware’ where computers on a corporate network become infected and their data locked up through encryption. This unwelcome encoding uses a key that is only made available to the victim after they transfer (often substantial) funds, usually Bitcoin, to the attacker.
Steps You Can Take to Improve your Cybersecurity
So how do you stop these attacks from happening? Well the good news is that there are several quick and simple ways to start protecting your organisation from attackers.
The first step is to make sure you’re keeping all the software on your computer systems, including the operating system itself, up to date. That is particularly important for Windows desktops and any servers you may have, though Macs are far from immune, they have traditionally been less of a target. Modern operating systems are pretty good at keeping themselves updated if you’ve selected that option.
One of the fundamental routes for attackers to infiltrate your IT systems is through poor passwords. The first thing you should do is to ensure that no devices, including computers, mobile devices, routers, and firewalls, are using easy to guess or factory-default passwords. You should consider setting up a password policy. It needn’t be a daunting task as you don’t need to reinvent the wheel because many tech organisations like Microsoft and Google have already done the heavy lifting for you.
As part of your password policy, it’s also an increasingly wise idea to institute two-factor authentication to provide an additional layer of security tied into your password policy.
Using a Firewall
The next step to take is usually to install a firewall. A firewall is tasked with monitoring incoming and outgoing traffic to assist in the prevention of cyber-attacks on your systems, and typically the first line of defence in ensuring the security of your network. There are broadly speaking, two main types of firewalls; software or hardware firewalls. A software firewall is just code that is installed on the computer itself, and watches for the incoming and outgoing traffic for potential issues. This is an adequate if not ideal solution for a home network, but for even a small business, a hardware firewall is recommended as software firewalls only really protect the device on which they are installed. The central advantage of a hardware solution is that it can protect every device on the network from a centralised location through which all traffic moves – like security guards at an airport checkpoint.
How To Select the Right Firewall
As a firewall is such an important step towards the protection against IT security threats for your organisations, it’s important to get the right solution in place. In fact, it’s possible your existing internet router has a simple firewall inbuilt. But much like a software firewall, these are usually sufficient for home users, but don’t have the capabilities of a dedicated hardware firewall.
Choosing a dedicated firewall with the capabilities you need to safeguard your business from dangerous hackers, spyware, and viruses may seem complicated, so there are several things you should look to consider when making a choice:
- Is it effective in protecting against attacks – a quick search for the model and reviews is a great place to start
- Simple to set-up – unless you have dedicated IT staff, your firewall should be relatively easy to get set-up out of the box
- Easy to manage – the more complex firewalls require a lot of effort to maintain
- Established company – we’ve seen several manufacturers go out of business and therefore stop developing updates and patches for their firewalls, so cheaper isn’t always that way in the long run
Pitfalls and Limitations of Firewalls
A well maintained reputable firewall for small business is incredibly important for good cyber security, but they do have their limitations. They aren’t ‘intelligent’ so only do what they are explicitly told. This means that if they are instructed through their settings and configuration incorrect things, they can actually do more harm than good.
As firewalls are essentially traffic lights for data saying what can go and what must stop, a misconfiguration can easily (and all too frequently) stop genuine use on the network by halting legitimate traffic.
Furthermore, mobile devices are not always on the corporate network by their very nature, so can become infected and then rejoin the network. And as the device wasn’t connected to the firewall at the time of infection, the firewall can’t help prevent this intrusion.
Lastly, far too many organisations don’t keep their firewalls up to date, meaning that new threats aren’t being addressed. Even an annual review of your IT security is better than nothing. So setting aside time to try and make sure you have updated all your systems and that their settings are optimally configured, including your first line of defence – your firewall – is vital for cyber security.
Software updates, password policies, and installing a firewall are not a silver bullet. It’s the equivalent of locking your doors and windows; it’s important to deter many of the attempts that might otherwise occur, but they aren’t going to stop determined burglars.
Internet 2.0’s solution offers far more protection than a typical firewall, and is managed by a team of ex-military and ex-intelligence cyber experts meaning you don’t have to hire dedicated staff to maintain your security. If you’d like to understand how you can ‘set & forget’ your cyber security solution, contact Internet 2.0 today for a confidential conversation.