7 Crucial steps for protecting your company from cyber attacks

Posted By Ian Crates  
22:13 PM

A business falls victim to a ransomware attack every 14 seconds, and that number of cyberattacks each day keeps growing.

What are you doing to protect your company and ensure you are prepared if the worse happens?

I have heard of enterprises paying huge fines or even going out of business because of a simple hack to their systems. And it is not just enterprise-sized companies that are being hit. You could be next.

Prevention is the key, in this blog, we'll show you 10 ways to help prevent cyberattacks and show you ways to safeguard your business effectively.

1. Train your staff

Your company defenses are only as strong as your least informed or trained employee. Attackers of your system are very good at locating the weak points of entry into your system or network.

One of the most common ways cybercriminals get access to your data and systems is through your employees. They send phishing or infected emails to someone asking for personal details or for access to particular files. The emails often link to a site or contact form. These Sites look legitimate and often are a reproduction of the original site. It can be extremely hard to tell that the site are not legit. 

Some things your employees should be trained to look for are:

Always check the links before clicking

  • Look at the email address they got the emails from and the return address
  • If they are unsure, don't click the link and ASK!

2. Access management

One of the risks as a business owner and having employees is them installing software on business-owned devices that could compromise your systems.

Having managed admin rights and blocking your staff from installing or even accessing certain data on your network is beneficial to your security. It’s your business, protect it!

If an employee leaves your company or transfers to a different company location, take protective action immediately, including deleting passwords and accounts from all systems and collecting company ID badges and entry keys.

3. Keep software updated

New updates can bring bigger and better features and usability, but more importantly, they also provide bug fixes, performance improvements, and other security-related patches. The bottom line is that you should always keep your software updated. 

Every new app can open the door to a cyber attack if you don’t regularly patch and update all software on every device used by your employees.

4. Install a firewall

You've heard of firewalls, but what are they really for? Do they stop viruses? Can you manage without one?

A firewall is a security device — computer hardware or software — that can help protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your computer.

Not only does a firewall block unwanted traffic, but it can also help block malicious software from infecting your computer.

Firewalls can provide different levels of protection. The key is determining how much protection you need.

Most operating systems (desktop and mobile) feature a basic built-in firewall. However, better control options and more reliable results are often gained from using a third-party firewall application. These are available either as standalone tools or as part of a security suite.

5. Backup your data

In the event of a disaster (often a cyber attack) you must have your data backed up to avoid serious downtime, loss of data, and serious financial loss.

Backup is crucial for data protection. A regular data backup—preferably daily or weekly—saves your important files from inevitable data loss situations due to common events such as system crashes, malware infections, hard drive corruption and failure, etc.

Most importantly, remove your backup from the site or store it in a fire-rated safe. If you leave the backup device connected to your network, this could also get infected by ransomware and become un-usable.

6. WIFI Security

Some Wi-Fi access points still offer the older WEP (Wired Equivalent Privacy) standard of protection, but it is fundamentally broken. That means that hackers can break into a WEP-protected network using a hacking suite like Aircrack-ng in a matter of minutes.

Not only do the wireless security protocols prevent unwanted parties from connecting to your wireless network, but also encrypt your private data sent over the airwaves. No matter how protected and encrypted, wireless networks cannot keep up in safety with wired networks.

Set your router to use WiFi Protected Access 2 (WPA-2), with the Advanced Encryption Standard (AES) for encryption

If you provide wireless internet access to your customers or visitors, make sure it is separated from your business network.

7. Setup and use Web and Email filters

A web filter provides an additional level of protection against phishing by preventing users from visiting malicious websites sent via email and social media posts. When an attempt is made to visit a known malicious website, access will be blocked, and the user will be directed to a block screen.

When you enable email filtering, you allow the software to independently analyze incoming emails for red flags that signal spam/phishing content and automatically move those emails to a separate folder. 

Most major email providers have spam filters built in that move questionable emails to a "Junk" or "Spam" folder. Sometimes, these folders have a setting enabled that automatically deletes all emails in this folder after a specified period.

Make sure you have policies in place for how your employees use the internet and what sites are appropriate to visit. This may seem a no-brainer to most, but it only takes one employee to visit the wrong site to inadvertently download malware or a virus onto your system.

Concluding thoughts

No matter how robust your defenses are, hackers somehow find a way to penetrate your systems. Hence it is advisable to have remedial measures beforehand, and I hope you find these points of use to you. 

You need a solution that’s right for your business and your employees. Get in touch with us today for a no-obligation cyber security assessment. We can help kickstart your journey to becoming secure.

Talk to Terrafirma today to find out how we can help you secure your network and prevent cyber attacks.