
IT Security – What can you do to keep your IT secure in 2018?
The last few months have seen a spate of cyber-attacks targeting companies across all sectors, reminding us all of the vital importance of maintaining effective IT safeguards and cybersecurity. And with the arrival of the General Data Protection Regulation (GDPR) on May 25 this year, all businesses will face extra scrutiny of their IT practices.
As a specialist IT Support company, we advise businesses in every sector on security. To help you analyse and improve your own organization’s security, here’s a helpful guide to the main areas of focus, and the steps you can take to stay safe.
Secure areas
Ensuring that your vital IT infrastructure is physically secure is crucial. Access to IT premises and equipment should be restricted to the people directly responsible for its operation, and critical components such as servers should be based in a separate, secure area.
Secure storage
Everyone has a role to play in security. Staff should follow a clear desk policy under which all documents and equipment are locked away when not being used. Secure printing is another useful option, while all devices should be turned off at the end of the day.
Secure disposal
The improper disposal of records and IT equipment is potentially a major security weakness. Staff should routinely shred unwanted papers. When it comes to disposing of IT devices, get in touch with us at AMJ IT. We can help you to effectively erase data to an industry-level standard at a competitive price, with a free initial assessment.
General data access
Controlling who can access your data is vital in order to minimise the potential threat if you experience a security breach. Staff should only be given the IT access that they need to do their jobs and administrative powers should be restricted to your IT team.
Home and mobile working
Mobile working often involves the use of business data outside your business premises and poses risks of theft, loss and compromised confidentiality. It’s important to carry out a full assessment of the risks involved in mobile working and introduce measures to combat these risks, as well as a strict process for permitting and managing mobile working.
Secure configuration
New and existing hardware can contain vulnerabilities such as unwanted guest accounts, widely-known default passwords and unnecessary software, all of which can make it easier for hackers to access your data. All IT equipment should be configured on installation to remove potential security risks. Keeping an up-to-date inventory of all your IT equipment will help you to spot and remove any potential hardware vulnerabilities.
Removable media
All removable media such as USB drives, CDs and smartphones are vulnerable to loss or theft and it is vital for your organisation to introduce procedures to properly control their storage, use and disposal. There are secure Cloud solutions that make it possible to back up your data without using external devices, but where removable media is unavoidable, you can use software that restricts the use of devices to individuals. Business data can also be encrypted.
User access control
Access to user accounts within your organisation should be restricted to authorized staff members, and these accounts should be actively managed to ensure that access is kept to the necessary minimum. Personal and sensitive data should require a higher level of access, authorized by management, and every user should be given their own username and password for accountability in the event of a data or security breach.
System password security
Maintaining strong password procedures can help you to detect any malicious or dangerous access to your IT system. ‘Brute force’ password attacks are common, so it is important to ensure that your staff regularly change their passwords and use passwords that meet complexity requirements and are therefore hard to guess. More specifically, passwords cannot contain the user’s name or parts of it, must have at least 6 characters and must include at least three of the four available character types: lowercase letters, uppercase letters, numbers and symbols.
While it can sometimes be tricky for staff to remember multiple passwords, it is vital that these passwords are never written down. Disabling a password after a certain number of log-on attempts or when a staff member moves teams is another important safeguard.
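The complexity rules listed in this section can be checked in code when a password is set. The following is an added example, not code from the original article: the function names, the rule that name fragments shorter than three characters are ignored, and the sample account are assumptions made for illustration.

```python
import re

MIN_LENGTH = 6      # minimum length stated in the article
MIN_CLASSES = 3     # at least three of the four character types
MIN_NAME_PART = 3   # assumption: name fragments shorter than this are ignored


def character_classes(password):
    """Return the set of character types present in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lowercase")
        elif ch.isupper():
            classes.add("uppercase")
        elif ch.isdigit():
            classes.add("number")
        else:
            classes.add("symbol")
    return classes


def name_parts(username, full_name=""):
    """Split the account and display names into fragments to reject."""
    tokens = re.split(r"[\s,._\-#@]+", f"{username} {full_name}")
    return {t.lower() for t in tokens if len(t) >= MIN_NAME_PART}


def check_password(password, username, full_name=""):
    """Return the list of rule violations; an empty list means a pass."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if len(character_classes(password)) < MIN_CLASSES:
        problems.append("too few character types")
    lowered = password.lower()
    hits = sorted(p for p in name_parts(username, full_name) if p in lowered)
    if hits:
        problems.append("contains name part: " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # Constructed sample account and candidate passwords, not real data.
    for candidate in ("Tr4in-Station", "JaneS2018!", "abc12", "password"):
        print(candidate, check_password(candidate, "jsmith", "Jane Smith"))
```

A password that passes these checks only meets the stated rules; screening against lists of commonly used passwords is a separate control.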
Malware protection
Malware, such as viruses, Trojans and spyware, is a constant threat to every organisation. Email attachments, websites and removable media are all potential entry points for malware, the effects of which can be devastating. Installing and maintaining high-quality security software is essential, along with regular scans of your network. Ensuring that staff are fully informed about the risks of malware will also help you to protect your business.
Antivirus
All IT equipment should have antivirus software installed, although this may not be necessary for tablets and smartphones if they are configured according to the guidelines issued by the National Cyber Security Centre (NCSC). As an experienced IT security company, AMJ UK can advise on antivirus measures and we offer a free initial assessment.
Backup and restore
If your business suffers a major security breach or hardware breakdown, all of the data you hold could be at risk. A robust system of routine back-ups will help to prevent this risk. How often you need to back up will depend on the sensitivity and significance of the information. Backed-up data should ideally be stored securely away from the main business location, and the back-up and restore process should be regularly tested.
Monitoring
Monitoring is an important part of any security plan. It can help you to spot external or internal IT security threats. All network traffic should be monitored on a continuous basis so that suspicious activity or trends can be spotted. Your system should be able to log details of every user access to business data. It is also important to ensure that your monitoring and logging procedures comply with the General Data Protection Act (GDPA).
Patch management and updates
The most popular software products often contain vulnerabilities that can be exploited by hackers, and over time, these weaknesses become more widely known. It is important for your business to update its operating systems and applications regularly, to ensure that the latest security patches have been applied, keeping vulnerability to a minimum. For more information, read our article on the importance of having a server IT Maintenance plan.
Network access
Consider physical access to your network. Assess your office and avoid live RJ45 outlets in unattended places that could be accessed by unauthorised individuals. Make sure network cables left in unattended places are hidden or secured and that additional wired client security (802.1X or Ethernet switches) is added to your network.
Boundary firewalls
Your business should have robust firewall software in place to protect your IT infrastructure at the boundary between the internet and your business network. The impact of security breaches can also be reduced by separating segments of your network, for example by keeping your web server isolated from your main file server, which makes it harder for any attacker to access your data if your website is compromised. When installing new IT equipment, it is also important to ensure that connectivity settings are adjusted to the minimum necessary, reducing the opportunities for hackers to access your data.
At AMJ UK, we provide a full IT security consultancy package, covering every aspect of IT security, and we offer a free initial consultation. We also specialise in providing IT Support in Kent and IT Support in London to businesses. Call us today and find out what we can do to help you keep your organisation’s IT safe and secure in 2018.
