To protect your business from hackers, you have to think about it like protecting a castle. If you focus on just keeping the perimeter safe, like most businesses do with firewalls and antiviruses, you’ll be ill equipped to deal with the inevitable breach. You need affordable, well-rounded security that protects your business. Here are 20 ways Nortec protects clients from hackers.
Guard the Perimeter from Attacks
Keeping the walls of the castle safe from the advanced threats of today is no longer a simple matter. It requires identity-based security and a level of sophistication that outwits the complexities of today’s threats, but also includes ease of use for staff. Even though perimeter security isn’t enough, you still need it. Start with these 7 tips for protection:
1. Enable secure single sign-on for all cloud and on-premise apps
2. Use multifactor authentication (MFA) for sign-ons and transactions
3. Employ secure remote access for on-premise apps (not using a VPN)
4. Make use of identity-based protection software that can learn behaviors to detect threats sooner
5. Protect against ransomware and phishing attacks
6. Automate protection with risk-based conditional access (this is intelligent approval of access)
7. Restrict administrative access on an as-needed basis
Security is more than firewalls and antivirus software. After all, there’s always going to be that one employee who clicks the ransomware link or connects to an unsecure Wi-Fi with company devices. Once a threat is on your network, it won’t stop until every computer is infected. This is how you stop it:
8. Classify and protect specific types of data (i.e. vendor credit cards), regardless of where it’s shared
9. Give IT admins and users full visibility to track access to protected shared data
10. Protect corporate data like apps, emails and data on employees’ personal devices (you can do this without disrupting personal data)
11. Use a tool that enforces security policy for mobile devices, apps and PCs with easy-to-use management tools
12. Get automated risk detection, reporting and analytics on an ongoing basis
It can take days, weeks or months to notice when someone is on your network who doesn’t belong there. It took Equifax over 6 weeks to notice their attacker, and we all saw how that went. Here’s how not to be like Equifax. Your security software needs to:
13. Learn to detect suspicious behavior and quickly identify advanced persistent threats on-premises or in the cloud
14. Identify, report and halt any malicious attacks as close to occurrence as possible
15. Relay simple attack timeline with clear and relevant information about the attack so you can focus on what is most important
16. Deliver advanced security reporting to protect against suspicious behaviors and advanced attacks
17. Offer easy reports that give visibility into the integrity and security of your organization
There might be holes in your security you’re not even aware of, or options that you have at your disposal for relatively cheap but don’t know to use them. A security assessment should include:
18. Identifying what you have and aren’t using
19. A review of what gaps you have in your security that hackers might exploit
20. A whiteboarding session where we walk through what’s possible
All these options are easily and affordably available through Microsoft. Microsoft is on the cutting edge of security, offering sophisticated security tools that integrate with all their business-class solutions. But let’s be honest: Microsoft doesn’t do the best job at communicating what these options are and how to configure them. As a Microsoft Certified Partner, we think that should be our challenge – not yours.
As you expand on your security, there are also a lot of potential pitfalls. For instance, if you turn on your multifactor authentication without setting it up on your devices, you won’t be able to login to your apps through different devices. Working with a managed services partner who specializes in Microsoft is the best way to get affordable, sophisticated protection for your business.
Let’s talk about your security. Contact us today and see what’s possible.