One annual task that a business really should be doing for good security hygiene is to review its IT securitysafeguards and see if they’re still adequate to protect from new and emerging threats.
This is particularly important this year due to the disruption of the pandemic and the drastic increase it caused in cyberattacks.
A few statistics that show how dangerous the online landscape has become include:
- The FBI reported a 400% increase in cybercrime during the pandemic
- Ransomware grew by 72% due to COVID-19 disruption
- The switch to a remote workforce as brought a 50% increase in mobile vulnerabilities
The costs of a ransomware attack or data breach are steep and can cause a small business to close permanently. The current cost for remediation after a ransomware attack for a smaller business is $505,827.
Looking at emerging threat trends over the last 12 months, we’ve put together several tips for boosting your IT security in the right places for 2021.
Use a Password Manager & Multi-Factor Authentication (MFA)
According to the Sophos 2021 Threat Report, basic lack of best practices for IT security are one of the major facilitators of the breaches and malware infections seen over the last year.
The report states, “A lack of attention to one or more aspects of basic security hygiene has been found to be at the root cause of many of the most damaging attacks we’ve investigated.”
One of the main tenets of good IT security is strong passwords. Employees often use weak passwords because they have too many to remember. This can also lead to them storing passwords insecurely in places like their contacts app or a plain text spreadsheet.
Using a password manager and implementing MFA can help you ensure your team is using strong and securely stored passwords. According to Microsoft, MFA stops 99.9% of fraudulent sign-in attempts, even if a hacker has a password.
Ensure All Employee Devices Have DNS & Email Filtering
Ransomware is one of the most dangerous forms of malware both because of the costs and the fact that it’s becoming more sophisticated. The Sophos report noted that ransomware attacks are now being perpetrated by criminal cartels and as a result are becoming more sophisticated.
Two protections that all employee devices should have to help combat ransomware are:
- DNS Filtering: This tool is designed to block malicious websites even after the link has been clicked. Malicious links are the most common way that phishing scammers infect systems with ransomware and other malware.
- Email Filtering: Email filtering significantly reduces the amount of spam and dangerous phishing emails in employee inboxes. This is an important protection to help combat the rise in targeted phishing attacks on businesses of all sizes.
Use Managed Services for Remote Employee Devices
Hackers have been taking advantage of remote teams and the fact that many companies weren’t really sure how to monitor employee devices when they began working from home due to the pandemic.
No matter where an employee device is located, it’s still connecting to the same business applications and assets, and needs the same protection.
It’s important to ensure devices have remote monitoring and management through a program like Quantum Care. Some of the benefits include:
- Patch & update management
- Managed antivirus/anti-malware
- Ongoing health and cybersecurity monitoring
- Remote tech support
Use an Endpoint Device Manager
How often do you use a mobile app to check email or access work rather than your PC? It turns out that on average, mobile devices now do about 80% of the daily work in a business and make up about 60% of the total endpoints.
But mobile devices, especially those that are employee owned, are often lagging behind when it comes to cybersecurity.
One of the emerging threats last year was the use of sophisticated mobile malware to infiltrate mobile devices. Employees usually aren’t as guarded when it comes to downloading a “cool looking” mobile app as when they’re looking over a suspicious email.
To ensure that employee devices that can access your data aren’t posing a risk, it’s important to have an endpoint device manager in place. This type of application allows a company to:
- Track device access to their data and accounts
- Remotely manage device updates
- Separate the “work” side of an employee device from the “personal” side
- Remotely grant or revoke access to a device
- Keep any mobile devices not being monitored from connecting to your assets
- Remotely lock or wipe a stolen device
Get Help Protecting Your Business from Cyber Threats in 2021
Quantum PC Services can help your Sturgeon Bay area business assess your current IT security safeguards and see if you need any updates to keep you properly protected.
Contact us today for a cybersecurity assessment! Call 920-256-1214 or reach us online.