Every company, whether you are an SME or a large organisation, must deploy some level of IT security for their IT systems.
Cost implications can affect the level of protection available but even the basics can deter and protect at an affordable price.
This article only aims to cover the basics of each, it is recommended that all of these are adopted and that further reading is completed.
The most commonly known method of IT protection is to install anti-virus. This is a relatively cheap way to reduce the risk of viruses and malware and can be installed easily.
What is often overlooked is installing anti-virus software on servers and all clients in an organisation in order to handle replication and the spreading of malware.
Commonly adopted anti-virus software can be ESET, Symantec, AVG, Avast etc. A common misconception with windows 10 is that as it comes with Windows Defender you don’t need anything else. However, we recommend purchasing a third party anti-virus as Windows Defender is quite basic and it is also difficult to centrally manage the client machines remotely if using only this.
There is still a common misunderstanding that Apple products can’t get viruses like Windows machines, but this simply isn’t true and the rumour most likely appeared around the 90’s/early 00’s when Apple iMac’s weren’t as popular as Windows machines – and thus weren’t targeted by cyber criminals. However, this obviously isn’t the case now and software such as ClamAV is one of many AV products recommended for Apple products.
Routers are how users get to the internet, and in some cases, get into. It makes sense then to add a layer of scanning to this gateway in and out.
A firewall router is a smarter router than the usual home hub. They can provide additional features such as Anti-Virus scanning before getting to the end users computer and intrusion prevention/detection which can identify potential threats.
Essentially, encryption uses a key (usually a string of characters) to scramble the data to make it useless, then when the data needs to be read it will use the same key to un-scramble the data to make it readable.
We use this so that should the data be stolen, such as a USB stick or a hard disk, it cannot be read easily and is therefore more secure.
In terms of overheads, encryption can be resource intensive on a computer or server as it will encrypt the data as it writes to the disk. However, as a general rule of thumb, if the data can be encrypted then it should be.
Always keep software up-to-date. This includes windows updates, anti-virus software and general applications such as browsers and office apps such as Word and Outlook.
Most updates released tend to be patches or bug fixes. The patches may be security patches stopping hackers infecting your machine, so it is incredibly important to have the most up to date software.
Policies and Procedures
Train staff! It’s important to note that the weakest point tends to be untrained staff. If staff understand the importance of IT policies and procedures, then USB sticks are less likely to go missing, laptops aren’t stolen and computers aren’t left logged in unattended.
Make sure clear guidelines are set out for users to follow to both secure the network and handle situations.
As always, be smart about who can get to what. If it’s a server then only those who need to, should be able to physically access it. If laptops are out in the open overnight then use laptop locks. Some basic options are;
• Passcode/Smart Card door locks.
• CCTV Cameras
In the event of any issues always keep a backup of data, this is so that you can restore data should any breaches occur such as ransomware or insider attacks deleting data.
For more information, please visit the recommended IT security training: CompTIA Security+
More in depth security best practices: https://www.ekransystem.com/en/blog/best-cyber-security-practices
Security alerts and updates: https://www.ec2it.co.uk/it-support-news-and-blog/it-security/