With Black Friday and Cyber Monday just around the corner, we wanted to give you a few tips on how to keep yourself safe in this holiday season.
According to the Carbon Black Threat Analysis Unit (TAU), organizations saw a +20.5% increase in attempted cyberattacks between November and December of 2016. If this trend continues in 2017, organizations should be extra vigilant as these attacks often begin around the Thanksgiving holiday.
What does insecure mean? Insecure means that your network and the data contained on it can be easily accessed without your knowledge by unauthorized people.
What’s your liability? If you’re a business, at a minimum, you have your employee social security numbers on file probably in QuickBooks or some other accounting application. You may also have trade secrets, plans, or account information. This is what the hackers want.
What should I do? There are a few things you can do to make yourself more secure. These things are not complex but they will require some time from you or a member of your staff.
Create a strong password policy.
- Enforce password changes. We recommend changing your password at least every 45 days.
- Make your password complex. Make your passwords at least seven characters long. Mandate usage of at least three of the following categories in your passwords: upper case letters, lower case letters, numbers, and non-alphanumeric characters.
- Setup a password lockout policy – Hackers love it when they can try to crack a password by entering different combinations over and over until they get it right. Lock the account if there have been too many incorrect attempts. We recommend locking the account after five attempts.
Create a company wide Cyber Security Training Program
- Your first line of defense is your employees. Create a program that trains them how to recognize exploits so they aren’t taken advantage of and you don’t lose your most important asset, your data.
Regularly update every device on the network.
- Hackers’ #1 method for breaking into your network is by exploiting the devices on your network that are not updated. They do this by running robots on the internet that are aware of all published and unpublished exploits for all network devices. If they hit a device that answers to the exploit they are in. The only way to close this hole is to know every device that is plugged into your network and make sure it is updated with the most current patch available.
Change out your network firewall and wireless access points.
- I know, these devices are probably still working and they have been for the past five years. The problem is that the manufacturers of your firewall and access points eventually stop updating them. If you haven’t seen a patch for your wireless access points or firewall in the last year, then it’s time to replace them.
Police your network login accounts.
- Disable or delete the accounts that are not in use.
- Make sure that NO ONE has admin rights that does not need it.
Keep your security software up to date.
- Install security software on any device that has proprietary info and keep it up to date.
Create a network security policy and live by it.
- Please check out our post on how to setup a good network security policy for some tips on how to do this.
Test your security regularly and fix anything that isn’t working right.
- Scan your network for vulnerabilities regularly.
- Do penetration testing against your firewall.
- Fix everything that turns up in your tests.
This may sound like a big task but it really isn’t. If you don’t know where to start then give us a call at 512-832-6209 and we can help.
On a lighter note:
Black Friday is the busiest day of the year for plumbers and drain cleaners. To avoid the same fate, follow these tips!
Happy Thanksgiving!
Sincerely,
Your UniVista Team
*Celebrating 20 Years of Customer Satisfaction*