We know we hype up multi-factor authentication, or MFA, quite a bit on this blog, and for good reason. When implemented correctly, it can be an effective deterrent for many cyberthreats out there. However, as they often do, hackers have found ways around MFA. Let’s take a look at how hackers find ways around MFA protection. Read More
- Published: 13 Sep 2019
Do you know the phrase, “Locks only keep out the honest?” The idea is that even though you lock your doors, there is only a thin layer of glass and good intentions stopping a criminal from entering your home through a window.
Cybersecurity is a lot like that, and preventing the one percent of threats that slip past your security is crucial to your business. Let’s talk about it.
One Percent of Threats Equals a Hundred Percent of the Damage
Very few things in the computing world are infallible. If it is connected to the Internet and hackers really want to get into it, they will find a way. No antivirus can guarantee they will protect you from one hundred percent of all viruses ever. No anti-spam solution can promise you that they will never let a piece of junk mail through. These solutions are designed to reduce the risk. Antivirus can only protect you from known viruses, and only when the definitions are kept up to date in the software. Anti-spam often uses machine learning to analyze a message and determine if it has similarities with millions of other spam messages.
This means there is room for a tiny amount to slip through as cybercriminals tweak and adjust their tactics to try to get past the security systems put in place.
In other words, you could have the most expensive, most carefully managed and monitored IT security in place, and still be at risk. You could meet and exceed any compliance standard and still be at risk. Granted, it’s a greatly reduced risk than you would have without the security, but that one percent that slips through the cracks could still lead to massive amounts of damage.
How Do I Stop the One Percent from Harming My Organization?
That’s the big question, right? If you paid for that expensive firewall and that centralized antivirus and you’ve locked down your end points as much as possible, what more can you do?
Sometimes it just takes awareness to prevent an issue from becoming a bigger problem. Offering training and resources to keep your staff aware of threats can go a long way. There are some pretty simple lessons that are pretty easy to understand regardless of one’s technical level:
- Don’t open attachments you didn’t expect.
- Don’t click on the links that seem skeptical or too good to be true.
- Don’t share passwords, and don’t use the same password on multiple accounts.
- Don’t plug in random USB devices, especially if you found it.
- Report anything suspicious to IT.
Teaching users how to do some basic tasks like taking screenshots for errors and identifying phishing attacks can also go a very long way.
Don’t ‘Set and Forget’ IT Security (or Backups, or New Policies, etc.)
A huge factor in almost every preventative IT solution, whether it be your antivirus or your cloud backup, is that the developers behind it are playing an ongoing game of cat and mouse with cybercriminals. New viruses and threats come out all the time, exploits and security holes are discovered that need to be patched, and everything needs to be applied to your hardware/software to keep you and your data safe.
That’s why it is crucial to monitor and manage every device and endpoint on your network. Every workstation, router, access point, server, firewall, and security solution needs to be carefully monitored and kept updated. Solutions that become so old that the developer chooses to no longer support them need to be retired and swapped out.
If this isn’t happening, those investments aren’t getting their money’s worth.
Stay Ahead of the Curve
Compudata can help. We WANT to help. We want Ontario businesses to thrive and grow and never have to pay off a ransomware attack or lose thousands of dollars and thousands of hours dealing with stolen data.
If protecting your business is important to you, give us a call at 1-855-405-8889 and ask about getting a free network audit, just to determine where your weak points are.