What We Are Seeing in the IT Security Space.
As OneHQ has technical oversight on so many companies’ IT systems we have a bird’s eye view of the threats and incidents businesses are facing.
These are the standout IT Security incidents we have directly seen in the last 12 months:
- Users click on a bad document in an email, which prompts them to log in to their Microsoft Office 365 account (or similar) which has given the attackers full access to their mailbox
- Multiple cases where the above happen, then social engineering emails are sent both within the business and to suppliers or customers trying to gain financial benefit (as well as changing bank account details on invoices)
- A server without VPN protection was compromised giving the hackers full control of the system
- A denial-of-Service attack on a Citrix Server means the servers and applications were barely usable for over 24 hours
- A client’s website was hacked, and the content was replaced with alternative content and the client was locked out of the domain name
- A major brand of router had a well-publicized security bug that meant some clients routers were compromised which disabled their internet until the issue was resolved by a software update on the router.
- A user had all their OneDrive files encrypted by malware
With the above incidents, here are some commonly held myths by companies:
- My staff all have a good level of understanding of what a dodgy email looks like and won’t click on anything suspicious
- My business data is of no interest to others so it’s unlikely someone will try and gain access to it
- Regardless of the situation, if any of my data is comprised/lost/stolen I will just restore it from backup, and everything will be fine
- I reviewed IT security a year ago, and don’t need to allocate time/resources to this topic continuously
- We have implemented a particular piece of IT security software, so we are safe
The reality of IT Security is that it can be a complex subject, and the landscape is constantly changing. Any of the IT systems we all use today can experience an IT Security issue. Microsoft Windows for example has a constant stream of ‘exploits’ such as the Printing related bug which was in the media recently.
There is no silver bullet for protecting your company, and the tools and methods being used today will at some stage need to be reviewed and replaced over time. Additionally – A large part of a balanced IT security stance is around internal processes and your people.
So, just for you, we’ve created a short list of general guidelines to help protect your business in the current IT environment:
- Ensure there is a key person within your business that has a good understanding of your current IT Security posture, work with your IT provider to understand your current posture
- Use MFA (multi-factor authentication) for accessing all relevant data and applications where possible
- Ensure your staff offboarding process removes access to ALL IT systems and applications as soon as someone leaves the business
- Wherever possible, back up all company data, even when using SAAS providers. e.g Ensure your Office 365 mail and data is backed up to another location
- Consider leaning towards the higher security vs lower security option when it comes to deciding on things such as password reset schedules for key systems. This can mean a slightly higher admin overhead but better protection.
- Don’t have any users sharing passwords
- Use encryption such as Bit locker on all machines (especially laptops) so that if one is stolen/lost the data isn’t easily accessible
- Think about the types of devices you allow to connect to your company data. You should have policies/rules/limitations around this
- Minimize your ‘attack surface’. Don’t leave systems in production that are no longer needed, the less things you have running, the smaller your attack surface.
- Train employees, and have a clear computer usage policy that sets the IT rules for your team
For more guidelines, help, advice or more, please contact our security experts here at OneHQ.
We are more than happy to help. There is no shortage of sharp IT security solutions for all aspects of protection and monitoring, but the way for us to understand your requirements is to have a discussion. There is no one size fits all solution so let’s talk.