Call us now on 01592 858333
You are here
5 Tips To Help You Avoid A Cyber Attack
Wynn Jones, Director,Praetorian Security Ltd
To make the UK a safer place to conduct business online, the Government have developed a “Cyber Essentials” scheme.
Designed to provide guidance on basic technical security controls, the scheme identifies what an organisation needs to have in place to help defend against unsophisticated internet-borne threats.
So, if you use any internet connected devise such as a desktop PCs, laptop, tablet and smartphone or an internet connected system ie. email, web and application servers, you should take a look at the 5 tips listed below.
Approved Cyber Essentials Practitioners, Praetorian Security have the proven knowledge and expertise to advise, design and deploy the measures needed to not only get you through the cyber essentials certification process, but also to help you stay as safe as possible against the majority of common cyber-attacks. Here is a summary of the steps you should take:
Boundary Firewalls and Internet Gateways
Have you installed Firewalls or similar devices at the boundaries of the network?
Have the default usernames/passwords on all boundary firewalls (or similar devices) been changed to a strong password? (That doesn’t mean the name of your dog, cat, wife, children, football team, DOB, etc…)
Have all open ports and services on each firewall (or similar device) been subject to justification and approval by an appropriately qualified and authorised security consultant? (In our experience 70% of SMEs have poor firewall security rules).
Remote administration of the firewall is disabled or locked down to specific IP addresses?
Have all unnecessary or default user accounts been deleted or disabled? Most IT equipment or software installed has some form of default username and password configured, we find these during tests on 80% of companies.
Confirm that all accounts have passwords, and that any default passwords have been changed to strong passwords? (Again Password123, Rangers1972, TiddlesDOB are not strong).
Has all unnecessary software, including OS utilities, services and applications, been removed or disabled? (It just adds to the list of possible attack vectors for the hacker).
Has a host based firewall been installed on all desktop PCs or laptops, and is this configured to block unapproved connections by default?
Do you have a backup policy in place, and are backups regularly taken to protect against threats such as ransomware? (Don’t forget that just because you may backup to the cloud, if your PC connects to it all the time, it too will be encrypted during an attack)
- Are users required to authenticate with a unique username and strong password before being granted access to computers and applications? (Most small & micro companies don’t have to logon to the PC or laptop with a password).
- Are elevated or special access privileges, such as system administrator accounts, restricted to a limited number of authorised individuals? (In our experience most users run with administrative privileges all the time, this just makes it easier for the hacker to take control of the PC).
- Does your password policy enforce changing user & administrator passwords at least every 60 days to a complex password (If you don’t change your password regularly then if someone does steal it they have permanent access, also most users use the same passwords for multiple accounts online etc…)
- Confirm that malware protection software has been installed on at least all computers with an ability to connect outside of the network. (Good anti-virus software is a must, although it is possible to evade AV software it still protects against a lot of common threats).
- All malware protection software to have all engine updates applied. (Having out of date AV software is of no use).
- Are users prevented from accessing known malicious web sites by your malware protection software through a blacklisting function? (Web filtering is a very good way to prevent users from accessing sites they do need to view during work hours. Porn sites, gambling, social media, etc…)
Are all Operating System and application security patches applied within 14 days of release? (The quicker you patch these flaws the less likely you are to get hit by automated malware attacks).
Is a mobile working policy in force that requires mobile devices such as tables & smart phones to be kept up to date with vendor updates and app patches? (Also ensure that they are protected by good Anti-virus software, mobiles are now a very big target for automated attack)
Most people have the philosophy “Why would anyone want to hack me!” The truth is that they’re usually just targeting anybody they can get. The more people they infect the higher the turnover, it’s just like sales; a numbers game!
This article was written by Wynn Jones Director at Praetorian Security.
Wynn can be contacted on 0845 437 8750 or visit his website: http://www.praetoriansecurity.co.uk