Do you Cybersecure?

Published on: 10 September 2019
  • By Loïc Calvez
Do you Cybersecure?
folder icon POSTED IN
Technology

In more details:

Patch everything

Patches are the manufacturers way to tell you they found a problem that needs fixing. Always apply all patches to all devices by following a simple process: test, deploy and verify. Just keeping everything up to date will avoid you loads of trouble: many of the successful recent attacks leveraged security vulnerabilities for which patches had been available for weeks (or even months!).

 

Layer you defences:

Don’t be a single trick pony. Hoping that the local antivirus on your PC will save you is so 2010… The two main attack vectors are web and email, the malware agent on your devices is the last bastion in case all else fails. 

Email: You need a solution that leverages multiple layers of defence: basic signature scanning to get rid of the low level attacks efficiently, sandboxing technology to execute/detonate the workload in a safe environment to detect zero day malware and advanced heuristic to identify phishing and spoofing attacks.

Firewall: You need a Next Generation Firewall that can marshal the connections, but that can also inspect the content of the traffic (ideally also within encrypted traffic).

 

Backup all your data

Well, sh*t happens. Sometimes, even when you do everything right, you may end up needing to recover. So what is a proper backup? One you can restore when all hell breaks loose. So it needs to be valid (aka you have tested it), it needs to also be offsite (in case something happens to the physical building and it needs to be air gaped (some new variants of ransomware are getting very good at deleting backups before they lock out your environment, make sure you backups are protected).

 

Train your people

Technology is the easy part. Successful attacks now target humans, not devices (don’t click that link!). You need to help your people ask themselves the right questions and take the right actions. Cybersecurity awareness training and phishing simulations can help.

 

Enable your people to succeed by giving them the right tools

Humans are crafty creatures, people have a job to do and if you do not provide them with the right solution, they will find one on their own (and you probably won't like it). Make sure you give them the tools they need, cloud storage to backup their files and exchange data, instant messaging so they can get the answer they need when they need it and an email systems that give them additional information on the emails they get to make better decisions on if they should open that file or click that link.

 

As always, we are here to help you, contact us for more information.

Subscribe and Get The Latest News

Related Posts

We are thrilled to announce that ALCiT has successfully achieved SOC 2 certification, a significant milestone that underscores our dedication to maintaining the highest Cybersecurity and data...
We have been getting this question more often lately and that is a great sign that people are starting to understand risks and exploring solutions. In this blog, we will dive into the pros and cons...
The first step in our process is "Assess" which aligns closely with the Five Functions of NIST. The main two reasons we start here are simple: 1: you can't protect what you don't know you have, 2:...