The world of Cyber Security is full of evolving threats. We hear about new attack vectors every day and have a very creative bunch of bad actors coming up with new ways to make trouble. Ransomware is rampant. Phishing is on the uptick. IT teams struggle to keep their staff trained on all the security threats out there. i.t.NOW is trying to help. We’ve found that there are certain critical security solutions that every business should put in place. This isn’t a complete list, but it’s a great start. Here are 10 Security Solutions Every Business Should Have.
- Managed Patching – Every business should have some way to manage their security patches. Microsoft releases new patches and updates every week. Your organization needs a way to test those patches and get them applied in a timely manner.
If you have more than about 50 computers this can be very time consuming for your IT team. Get a software solution that allows you to easily manage and automate the process. It also helps if it has built in reporting that allows you to see at a glace that all is well. i.t.NOW does this for every client.
- Managed Antivirus – This is another critical piece. You not only need to have antivirus installed on every machine and server on your network, but ideally on every device that connects to the network. That means if your business is doing BYOD, you should probably be providing AV for all those machines that your employees are using to connect to critical network resources.
The best solution is managed antivirus. This allows you to centrally manage it, and easily deploy it to new hardware as needed. They typically also have built in reporting that allows you to see how those licenses are allocated and what devices they are on. i.t.NOW provides managed AV for all its clients.
- Email SPAM Filtering – Many email solutions including Office 365 and Gmail don’t have a great spam filter built into them. This can help cut down on junk mail, but also protect your business against phishing and business email compromise.
We like solutions best that have an quarantine box that allows users to easily whitelist or blacklist domains. Also, that offer an easy way to manage the email and deliver any email that is from a trusted source and gets mistakenly caught.
- Email Threat Protection – Email threat protection takes an important step past SPAM filtering. It helps protect you against malware, phishing, ransomware, email spoofing, and zero-day attacks. They do this by scanning all email in real time to detect and block malicious links, weaponized attachments, and social engineering techniques.
- MFA for Email & Remote Access – This is a measure that most businesses are adopting, and we feel that it’s an absolute must. Multi-Factor Authentication allows you to defeat 99.9% of account compromise attacks according to Microsoft. Typically, when a bad actor runs into it, they simply move on to an easier target.
MFA is especially important on your email as well as remote access. Preserving these two points of entry is critical to the security of your organization. i.t.NOW is enabling MFA on both email and remote access solutions for all of it’s clients.
- End User Awareness Training – IT teams can put all the latest security solutions in place and still have a critical weakness, the humans they’re trying to protect. User error is often the cause of an attack and can be particularly difficult to defend against.
Many IT teams have turned to different forms of end user awareness training to raise the collective IQ when it comes to IT security. If we can better train our users on how to detect and protect against potential threats, its less likely they will put the network in danger. This can be done via online security training courses, or in person seminars. Humans can often be the weakest link in security.
- Business Class Firewall with Advanced Threat Protection – Firewalls in general are important and can offer another layer of protection to your business on the perimeter of the network. Most firewalls have security services either built in, or available as a software license upgrade. We recommend putting these to work to protect your business.
Specifically, we like Advanced Threat Protection. This is where the firewall will essentially quarantine any unknown file that is trying to enter the network. It will then execute those items in a sandbox type environment that is isolated outside the network. If the observed behavior is malicious the threat is destroyed. If it is benign the firewall can let it pass through.
Sonicwall has a great ATP solution called capture that operates on the firewall level that we recommend highly.
- Robust Password Policy – Passwords are still around, and good passwords still matter. They should be complex. They should be long. It’s also important that they are different everywhere. Preferably password complexity can be enforced by policy, and users are asked to change their password on a regular schedule like every 6 weeks.
- Bi-Annual Review of users with Administrative Access to the system – This is a simple administrative task, but one that is often overlooked. Old accounts with administer or other elevated privileges can be a threat to your organization. These should be reviewed regularly, and any unneeded accounts should be eliminated. Regular IT audits should accomplish this.
- Bi-annual review of users who haven’t logged in in 90 days – The same sentiment goes for stale user accounts. Users who are no longer with the company should have their user accounts deleted. Leaving those accounts around unattended makes it too simple for anyone that gains access to assume user privileges and gain unwanted access.
Cyber security is like wearing a seatbelt. It’s a small preventative measure that can really save your bacon when something bad happens. Most businesses owners wouldn’t think about riding around without a seat belt. Many however, have a cavalier attitude with cyber security.
Take the time to get your security right. i.t.NOW can help. We hope that this list of 10 Security Solutions Every Business Should Have has helped you recognize simple things you can do to improve your network security today.