With a dramatic increase in remote working in the past month or so, we’re seeing a huge rise in cyber-attacks – it’s therefore never been more important to keep your data and systems safe.
Where one person sees a challenge another sees an opportunity, and make no mistake about it, modern-day hackers are opportunists.
Hacking is no longer aimed solely at large corporations or used just to make a political statement. Modern hackers are purchasing black-market software designed to exploit vulnerable companies for a profit.
For them, it doesn’t matter what your company does, or how valuable your data is; it only matters that you’re an easy target. Whether it’s through ransomware (software that encrypts your files and demands payment to release them) or attacks on your accounts team to mislead them into transferring money into hackers’ bank accounts, we are all at risk.
And like any good criminal, a hacker will pursue the low-hanging fruit. Not having the right cyber security in place is like going out with your house unlocked and the windows open when a burglar is around – it’s an easy win.
Like home security, keeping your systems and data safe requires a multipronged approach to minimise the attack surface in line with the current threat landscape.
Whilst you may have enterprise-grade cyber security in place when working from an office, this may not be the case when working from home. So, in the absence of your office’s intrusion prevention systems and next-gen firewalls, here are 5 essential yet simple steps we recommend to keep you safe.
A strong password (see our blog here on how to make yours almost unbreakable) is great, but these days it just isn’t enough. Whether your password is phished, brute-forced or stolen with a keylogger, no password is infallible.
Multi-factor Authentication (MFA) adds a layer of security to keep your account secure. MFA requires you to validate your identity by two means (typically a password and a push notification from an app), so that even if your password is hacked your account remains secure.
And if you’re concerned about this becoming a barrier to working, don’t worry, as you can set up Conditional Access using Microsoft Azure Active Directory (read our short blog on what AAD is here). This allows you to set up granular policies to ensure convenient access whilst minimising risk. For example, you can stipulate that MFA is only required when not using a corporate device, or when logging in from a new device. This ensures people can work as normal without constantly being prompted for MFA.
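As an added illustration (not part of the original article), here is one way to express the first rule above, MFA only when the device is not a corporate one, as a Conditional Access policy created with the Microsoft Graph PowerShell module. It assumes "corporate device" means a device Intune marks as compliant; the display name and the excluded emergency-access account ID are placeholders, and the policy is created in report-only mode so its effect can be reviewed in the sign-in logs before enforcement.

```powershell
# Added example, not from the original article.
# Assumes the Microsoft.Graph module is installed and the signed-in admin
# may manage Conditional Access policies.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess'

$policy = @{
    # Placeholder name; use your own naming convention.
    displayName = 'EXAMPLE - Require MFA unless device is compliant'

    # Report-only: evaluated and logged for every sign-in, but not enforced.
    # Switch to 'enabled' once the sign-in logs show the expected results.
    state = 'enabledForReportingButNotEnforced'

    conditions = @{
        users = @{
            includeUsers = @('All')
            # Placeholder: object ID of an emergency-access account, excluded
            # so a policy mistake cannot lock every administrator out.
            excludeUsers = @('<break-glass-account-object-id>')
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
    }

    # 'OR' means either control satisfies the policy: a compliant (managed)
    # device signs in without an extra prompt, anything else must pass MFA.
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa', 'compliantDevice')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```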
How do you sift through and pluck out malicious emails? Historically, a well-trained eye could do this with ease. But hackers are getting smarter and - in tandem with hacking accounts - are getting better and better at luring in victims with spoofed and phishing emails.
For example, what if your customer has been hacked? The hacker may just monitor their email conversations to begin with, and when they get a feel for your communication style, that is when they will hijack the email chain and send a dangerous attachment, link or request for payment to their bank account.
To combat this there are various email filtering/security solutions you can use, but we recommend using Microsoft’s Office 365 Advanced Threat Protection (ATP) which is specifically tailored to stop you getting hit with email attacks. ATP scans all incoming emails and opens attachments in a test environment to make sure they’re safe. It also checks a live database of websites and blocks access to malicious email links.
This means that even if an attachment presents as an innocuous Word document, it will detect the presence of hidden malware (such as ransomware) and deliver the email having stripped the attachment.
An additional feature is AI learning. ATP analyses your mailbox data going back up to a year to learn the behavioural and communication patterns between you and your contacts. ATP then automatically detects phishing attempts and spoofed emails, quarantining them to keep you safe.
But perhaps the best thing is that it only currently costs £1.51 per user to add this software on if you are an existing Office 365 user.
Combined with end user email vigilance, this can help to keep you safe at a cost that will not break the bank.
Whilst email filtering software alone is good, having well-trained users in addition to this is even better.
The last line of defence is the people that sit behind the screen, and it only takes one person to compromise the entire network. One of your accounts team actioning a request to send money to a hacker’s bank account, a casual user opening an attachment that unleashes ransomware via a command and control server, or perhaps someone that inadvertently submits their credentials to a spoofed website - these are all examples of how you can fall victim to cybercrime due to user error.
We are all only human, so we recommend implementing regular end user testing and training on detecting and responding to malicious emails, using a product like Webroot Security Awareness Training.
We recommend using this software to send monthly emails targeted at users to highlight vulnerabilities. For example, we will send an email that appears as though it comes from a known user within the business but has enough inconsistencies to identify the email as spam or phishing. We measure and report on the number of users that click through to the malicious links/attachments and assign them to training courses to help them learn how to identify malicious emails in the future.
This helps to train users and highlights which users are most vulnerable to email-based attacks. Coupled with enhanced email filtering software, this gives a belt and braces approach to email security.
If you're working remotely you may need to access your office-based computer or servers. If you’re using port forwarding or free remote access software, it may be unsecure and vulnerable to hacking. We recommend using enterprise-grade secure remote access options such as SSL-secured Remote Desktop Gateway or SSL VPN. If you currently use a next-gen firewall such as WatchGuard or SonicWall, you may already have the ability to set this up and will just need to configure it.
If you are using Microsoft 365 for your entire solution, then rest assured that all you’ll need is a good internet connection. That’s because all data is encrypted both at rest and in transit when using Office 365, meaning that you just need to connect from your chosen device and work as usual.
It’s for this reason that we highly recommend using a cloud-based solution such as Microsoft 365 for your systems. Microsoft 365 simplifies your environment and allows for peace-of-mind as your data can securely and easily be accessed anywhere, from any device.
If you are unsure about the type of remote connection you utilise and the security of it, just get in touch and we’ll be happy to review this and offer our advice.
How do you keep your data and devices safe when none of them are physically connected to the corporate network? And how on earth do you keep data safe when your users aren’t even using company devices? These are challenges faced in the age of BYOD (bring your own device) and an increasingly mobile workforce.
The answer to these challenges lies in proper Mobile Device Management (MDM) and Mobile Application Management (MAM). We recommend Microsoft Intune to provide MDM and MAM.
Intune allows you to enroll corporate devices and provision changes to settings and profiles for devices in any location. Additionally, you can publish mobile apps to users’ devices as well as roll out updates and manage group policies. This removes the need to manually update individual devices in person allowing for greater mobility of workers and easier management. Best of all, if you do happen to have an enrolled device go missing, you can remotely wipe it to avoid the risk of data loss.
You can also implement policies to ensure the compliance levels (based on things like the operating system version) of devices to avoid the risk of unsecure devices accessing company data. For users with personal devices, control can be managed at the application and data levels. This means that users do not need to install Intune on their personal devices, but you can be confident that data is kept secure. Examples of policies you can apply include removing the ability to save data locally to personal devices, and ensuring MFA is used every time data is accessed from one of these devices.
Granular policies can be applied to ensure just the right balance of security and usability. Without MDM in place, you are effectively applying zero management of devices and opening the floodgates for the risk of being hacked.
So what should you do next?
Well firstly, check with your IT Team that you have all of the above in place. If you are unsure and need help checking this, or just want a second opinion, we are able to offer a free of charge Cyber Security Consultancy session. If you’d like to find out more please get in touch with us by completing the form at the bottom of this page.