However, with a few simple tips you can secure your devices and IT infrastructure to a basic level.
We already share 10 very essential ones:
1. Make sure all your devices are up to date
It's not nice if you get a notification at an inopportune moment that there are new updates for your computer, but install them anyway. Software manufacturers are constantly analyzing how hackers are looking for new loopholes to break in and what new viruses are wandering around, so they are always trying to protect their software against all kinds of threats. There's an update for a reason. Sometimes it's a new feature, but most of the time it's about a (necessary) improvement.
2. Limit the number of users with admin rights
A smart IT head with admin rights can handle anything. If that smart head has bad intentions ... We understand that you have to trust your administrators, but you do create an extra access that can be abused. So don't be too lavish in granting admin rights. You don't give all your neighbours in the street a key to your house either, do you?
3. Manage who has access to what
A hacked account means that a hacker has the same access as the affected employee. If you limit the rights of your employees, you also limit the impact of a possible burglary.
Also make timely changes to the access rights of colleagues who leave the company, are in a new position internally or are absent for an extended period of time.
Identity and access control can easily be automated with IAM (Identity & Access Monitoring) which, for example, is integrated in Microsoft EMS.
4. Install the latest and most advanced anti-virus software
Poachers also use the latest technologies such as AI (artificial intelligence) and ML (machine learning) to develop algorithms that train themselves in all kinds of dark practices and are getting better at them. So make sure your endpoint protection is up to scratch: go for a professional, centrally monitored antivirus software and software that can recognise as yet unknown threats.
5. Logfiles, AI & Cloud
By recording basic log files, you can trace suspicious incidents. SIEM and SOAPA, for example, are platforms that facilitate log file analysis. If you want to go a step further, use AI to establish automated correlations and receive notifications.
Don't forget your applications and your data in the cloud. Choose here a solution that offers visibility on the use of these applications, how data is shared and whether there is malware moving through the cloud.
6. Backup!
Yes, here we are again. Make continuous backups and keep them separate from your network. If you already invest in something, do so in a robust backup system that also enables a smooth restore.
7. Create awareness among your employees
Internet fraud costs Belgian companies an average of €94,000 per year! Teach your colleagues to see and recognize threats and risks with a Security Awareness Training.
8. Physically shield your organization
No, you don't have to put up a wall around your company, but make sure that not everyone can connect just like that. Loose Ethernet cables in a meeting room where external people are waiting are an open door. The same goes for an unsecured, unshielded guest network. A well-configured firewall with URL filtering prevents that waiting appointment from visiting obscure websites in your meeting room, which can cause all kinds of dirty viruses to get onto your network.
9. Use robust anti-spam techniques
Not only do you prevent a deluge of spam messages, you also protect your domain with it, for example to prevent spoofing. Using an email account to send spam.
10. Don't forget your mobile devices!
The time when your employees only connect to the network with their PC or laptop is long gone and there are no doubt a lot of colleagues who have access to your network or applications with their smartphone or tablet. What they do with these devices at home is beyond your control, which is why it is important to securely protect your company data on these personal devices with Mobile Device & Application Management.
