The right protection leaves less to worry about
When you’re running a business, chances are cybersecurity for your network probably doesn’t top your list of priorities. But protecting your business can be straightforward. Knowing your digital assets and operations are protected as well as your physical ones, means one less worry for you. Don’t know where to start? Here are some of the most important ways to keep your information safe.
If you think of your company’s network like a very cool, very exclusive club, with lots of valuable things inside, like your customer data, your intellectual property, and your confidential information, then it’s easy to understand why criminals want to get inside. They want to steal your assets, or hold you to ransom for them, or just generally make life more difficult for you.
Your first line of defence are firewalls. Like the bricks and mortar of your club, they’re a barrier that protects everything inside. Installing a firewall is like locking the door on your way out. You know things are being kept safe. They protect both your network and endpoints (devices - computers, laptops, phones) from being accessed by unauthorised traffic. Firewalls monitor the information going in and out of your network and make decisions about what can and can’t come in. And, just as you’d trust your builder to recommend the right materials for your club, the right people can help you understand what firewall is best for you.
The next step is user authentication or identity management. This acts as your bouncer holding the guest list. If your name (and password) isn’t on it, you don’t get in. You’ll only give access to people you trust. Anthony Stitt, General Manager of Security at Cisco knows the value of a strong password, “I recommend using a good password management tool to select strong, random passwords and not replicating these across accounts. It’s simple but effective.”
Next, there is intrusion detection, to find and monitor those elements that do sneak in. Intrusion detection is like the hidden cameras in your club, constantly scanning faces and hunting out those without permission to be there.
“Intrusion detection can be automated, so that it blocks certain traffic or tells the identity manager to block access. But not every issue can be resolved automatically, so checking and responding to intrusion detection information is really important. It will help you to correct whatever was wrong in the first instance, so if the attack were to happen again, it wouldn’t be successful. Closing the loop provides the greatest amount of integrity to your system, while protecting against repeat attacks.”
One of the main causes of security breaches is user behaviour - the things you and your staff are doing on your individual devices. Often, people don’t realise they’re opening a phishing email or downloading from a dodgy site.
“Awareness training for staff in spotting good and bad content is a great idea” recommends Stitt. “Send around a few emails as examples of the kinds of things they might come across. It’s quick and easy and effective at helping people identify something potentially dangerous. There are also phishing services that will send bogus emails to staff and alert them with some brief training if they click on something they shouldn’t.”
“There’s also been a rise in “spear phishing” attacks, where staff who manage your organisation’s money are targeted. Criminals will pose as the Managing Director or Finance Director for example, and email the Accounts team to request things like wire transfers. If successful, these attacks can be devastating for your business, and result in the loss of four, five, or even six figure sums. Training those who handle your money is critical.”
Further, be vigilant with your upgrades. “If you’re a business using the cloud, this process is made easier, as upgrades and patches are managed for you. If you’re not using the cloud, then any devices being used need to be patched. This can be time consuming to manage, so make sure you turn on auto updates so you don’t miss anything.”
Finally, if you don’t have the time, inclination or staff to dedicate to security, make sure you get the solutions from a trusted source. There are plenty of people out there to help you if you can’t manage it yourself.
A few simple security measures can keep you and your customers’ precious data safe.
Did you know that our post a project feature will help you find the right partners for your project? Whether it’s an idea you’re just scoping, or a solid plan you intend to implement, posting here will link you with trusted partners who will help you to get the outcomes you’re aiming for.
Cisco provides solutions that can be tailored to any company size or need. Connect with our partners on security solutions to provide visibility and protection across your network – before, during, and after an attack.
Welcome to Cisco!
How can I help you?
Please take a minute to tell us about your experience using Cisco Marketplace platform.