Let's start with the worst: your business falls victim to a cyber attack. What do you do?
Isolation and segmentation
The affected clients should be isolated as soon as possible. By EDR By implementing this you prevent the further spread of unknown malware within the company network. You can also take action in this direction in advance, namely by a good segmentation of your network. PCs in a production environment (often still running on vulnerable Windows 7 or even XP) should be shielded from the network on which your business administration is done. Also IoT devices are often handled sloppy. Username/password combinations such as admin/admin are all too common.
Does your company have a backup strategy?
The 3-2-1-0 strategy is a well-known rule when it comes to backup. Provide at least: 3 copies, on 2 different media, 1 of which is off-site and all this with 0 backup errors. Especially the latter is something that is not always given enough attention. Making copies quickly and carelessly induces errors.
Just because you work in the cloud, doesn't mean you are completely free of worries about backups. Think about your data within your Office 365 environment. Did you empty your 'Deleted e-mails' folder? Then you still have 30 days to recover them. After that you will lose them permanently. The same goes for SharePoint. Did you (accidentally) delete a document there? Then you have up to 90 days to restore the file. Do you want to prevent this? Then invest in Veeam Backup for Office 365.
You should also already be thinking about who you should inform in the event of a cyber attack. Internally, the right people need to be informed immediately, but also externally. The GDPR regulations require, among other things, notification to the GBA (data protection authority).
Perhaps the most important factor in preventing cyber attacks is the way in which employees deal with security. Is everyone aware of the dangers, how they manifest themselves and what to do in case of danger? 95% of all hacks start with a phishing mail. So extra vigilance in your mails is definitely recommended! But also other popular channels, such as WhatsApp for example, are increasingly used.
Your employees have a certain teaching security literacy is essential. Do they know about spoofing, skimming and zero-days? Hackers are getting more and more creative. Social engineering is a technique whereby they use different channels (mail, social media, network traffic, etc.) to gain a lot of knowledge about how an organization works. This enables them to write scenarios that appear very credible. For example, the specific situation of working from home is now widely used by hackers: 'It seems that a colleague is trying to reach you, ...'.
A healthy vigilance can prevent much misery. Anything unusual should ring a bell: use of language, messages from people you don't normally communicate with directly, strange translations, etc.
Make use of the available technology
'We have to anti-virusso we're safe...' You wish! We work on MacOS, so...' Not! These are just two examples of how security is often minimized to wishful thinking. It's indeed worth something that a new device comes with minimal security, but that's certainly not enough to protect your company against a cyber attack.
Does your organization already use MFA? This is a very low-level protection where you need something else in addition to a password to identify yourself as a user, for example, a fingerprint, facial recognition, a temporarily generated code on your smartphone or other device. A password alone is no longer secure.
EDR is another technology that far surpasses classic anti-virus. Endpoint Detection & Response scans deep into the kernel of your PC, identifies suspicious actions and can stop them and isolate the client if necessary. In this way, it can also intercept so-called Zero-Days, which are malware unknown to anti-virus packages.
For companies with multiple remote sites we also like to mention SD-WAN yet. This is a technology that makes communication between a head office and various branches safer, more user-friendly and cheaper.
In short, be prepared, create a security culture and make use of the available technology! VanRoey.be and its partners will gladly help you on your way.