Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

(702) 720-1700

Blog
  • Register
7 minutes reading time (1476 words)

The Fundamental IT Defense Plan

IT_Defense

Properly maintained IT security is necessary for the modern business. If your business utilizes email, connects to the Internet, or has employees that use mobile devices like smartphones and tablets, you need to have solid IT security in place. The following covers a lot of common elements required to protect your data and reputation. Keep in mind, depending on your industry, there may be additional compliances and regulations you need to follow.

 

A Brief History in IT Security (And Why it Matters to SMBs)

Over the past two decades, IT technology has altered the business topography making it easier to produce, collect, and collaborate on data. However, the use of modern-day, internet-connected equipment for any purpose opens your business up to threats. Whether you simply use email for business correspondence, or your point-of-sales solution integrates with your website’s ecommerce system, protecting your data and infrastructure from online threats isn’t something you want to skip.

Without going too deep into the nerdy details of cybersecurity, let’s take a brief look at where the world is at so far:

  • In 1988, computer scientist and entrepreneur Robert Tappan Morris developed the first computer worm that self-replicated across the Internet. This worm single-handedly caused an Internet blackout.
  • In the 1990s, computer viruses were quickly becoming widespread and were getting a lot of media coverage. You might remember the ILOVEYOU and Melissa viruses that infected tens of millions of PCs. None of these viruses really had any clear objective other than causing disruption.
  • These viruses led to the development of Internet security companies and antivirus solutions. It also started to build awareness for online security threats, which only led to trickier types of malware and threats.
  • Email was (and still is) one of the prominent ways viruses were spread, so businesses that relied on email were just as susceptible to online threats, however businesses started to have more at stake. If emails were compromised, the integrity of the business, or at the very least, the level of security of the business, would be questioned by clients and prospects.
  • During the 2000s, internet threats started to become more organized and strategic. No longer were viruses just an annoying nuisance that spread haphazardly. Instead, many major threats were identified that had serious financial objectives.
  • Starting in 2005, Criminal organizations were targeting retail outlets, syphoning credit card information. One of the first and largest was when 45.77 million credit cards were stolen from TJ Maxx, costing the company $256 million to repair damages.
  • Finally, businesses were starting to take cybersecurity more seriously, because there were clear and heavy consequences for falling victim to an attack.
  • Today, it hasn’t gotten any better. Over the past few years, huge brands like Sony, Target, Apple, Premera Blue Cross, Anthem, Chick-fil-A, Kmart, Dairy Queen, and even the US Postal Service have been targets of very successful, very aggressive, and very expensive hacks.
  • With the massive popularity of mobile devices, smartphones and tablets are now being targeted more than ever. It’s estimated that 11% of all smartphone users get hacked each year, and that number is expected to rise.
  • Don’t forget data theft. Laptops, tablets, and smartphones are extremely susceptible to this. Beyond the physical device being stolen, hackers can easily intercept data being sent from a mobile device over insecure Wi-Fi hotspots like those found in coffee shops, trade shows, and hotels.

Of course, these are all the big names we’ve heard in the media. Smaller companies don’t get the same publicity (thank goodness), but smaller companies are actually at a higher risk because they tend to have little to no defense. While a criminal organization might like to steal the data of 56 million customers from Home Depot, several hundred records from a small business can be done in a fraction of the time.

The points to take away from this are that cybercriminals are becoming smarter and more organized, and that it doesn’t matter how big or small your business is.

Protecting Your Business

To protect your business today, it takes several different approaches. There’s no single answer or software to purchase that will protect you from each type of risk. However, that doesn’t necessarily mean that throwing money and solutions is going to protect your assets.

Beyond the security measures in place, a sense of awareness needs to come into play. You and your staff need to keep security top-of-mind, and rely on an IT security consultant when questions arise.

Let’s start with the basics - the solutions on your network that should handle the heavy-lifting of your IT defense plan.

Backup and Business Continuity Planning

While data backup isn’t really a preventative security measure, it is a major player when it comes to your security plan, as well as a fundamental piece of your business continuity plan. A managed, properly monitored backup solution is basically the last line of defense. If all else fails, at least you can restore your data. It should be hoped that you never need to come down to this, because if you are compromised, much of the damage is already done, but if you are compromised and your data is gone, there’s little chance of survival.

Your backup solution should store data securely offsite, and backups should be ran regularly, several times per day. Other features to look for in a good backup solution would be fast restore times (image-based backups instead of file backups), versioning, and virtualization capabilities.

Managed Antivirus

A staple of traditional IT security, having antivirus properly installed and managed across your entire network will prevent the millions of different viruses and basic threats that cause computer downtime and other issues. Antivirus isn’t going to prevent more targeted attacks, but all businesses should have it in place.

Although there are plenty of great free antivirus solutions for home users, your business will want a solution that is centrally deployed and managed to ensure virus definitions and other updates are always in place, and that scans are ran regularly.

Firewall

Equipping a centrally controlled firewall will block incoming attacks. Not to be confused with the software-based firewalls that piggy-back on many antivirus suites, a business-class firewall typically sits on your network between your other devices and the wild Internet.

Spam Protection

As mentioned before, email is one of the main ways threats get into your business. Although most email clients have decent spam filtering, junk email is still getting into your organization. Utilizing a separate spam filter solution blocks these threats from getting delivered.

Secure WPA2 Wi-Fi

Unsecure Wi-Fi can give a user full access to your network and your data. Although this only opens you up to localized threats (the user has to be within range of your company Wi-Fi), ensuring that your routers are locked down and secure is a best practice. Many modern routers have this functionality built-in, it just needs to be properly configured.

Secure VPN Access

Data theft is a huge problem when traveling. Wireless hotspots, like those found at airports, coffee shops, and hotels can be very insecure. Hackers can easily intercept your data without your knowledge. A VPN (Virtual Private Network) solution lets you access your company files and applications securely without transmitting sensitive data. This also means that sensitive data doesn’t need to be stored on the device.

Mobile Device/BYOD Policies

With the widespread usage of devices like smartphones and tablets, employees are becoming much more likely to use these devices for work. This can improve communication, collaboration, and productivity, however there are downsides certain precautions aren’t put into play. Your organization needs to develop a BYOD (Bring Your Own Device) policy with specific rules corresponding to the storage and transferring of company data on personal mobile devices. These policies need to be read and understood by all employees, and enforced by the organization.

While you don’t want to be so strict that you prevent engaged users from utilizing their own smartphones or tablets for work, you need to enforce the protection of your data (and your clients’ data). Setting up the ability to remotely wipe a lost or stolen device, or revoke the access to company email if the employee quits is a good start, while establishing document management solutions like cloud hosting or a VPN provides even more incentive to follow best practices.

Industry-specific Compliances

Depending on your business, there may be other regulations and compliances that you need to meet. It’s best to cover these on a case-by-case basis, as each regulation will have very specific requirements. We highly recommend you reach out to the IT security experts at Agilitec IT for an evaluation.

Ongoing Management, Updates, and Testing

What good is a smoke detector if the batteries are dead? The same goes for IT security that isn’t properly managed, kept updated, and regularly tested.

To learn more, give us a call at (702) 720-1700.

Using 2017's Examples to Maintain Network Security...
Agilitec IT launches new website!
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, July 21, 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Technology Tip of the Week Network Security Security Privacy Best Practices Mobile Devices Business Management Productivity IT Support Internet of Things Tech Term Small Business Saving Money Data Recovery Communications Internet Backup Managed IT services Malware BDR Cybersecurity Data Backup Business Managed IT Services Hardware Cost Management Business Computing Router MSP Data Redundancy Software Collaboration Networking Network Outsourced IT Efficiency VoIp Vulnerability Devices Data Breach Automation Email Marketing Bring Your Own Device OneNote Innovation History Content Filter Analysis IT Services Spyware Users Smartphones Holiday Microsoft Word O 365 versions IoT The Internet of Things Remote Computing Cortana Social Media Printing Hybrid Cloud Evernote Workplace Tips Monitoring Blockchain Hosted Solutions Best Practice Wireless Internet Amazon Chromebook Unified Communications intranet Android Cybercrime Maintenance backup files eWaste Windows 10 Google Law Enforcement Education Wireless Technology Management Cloud Computing Gamification Virtual Assistant Smart Tech Data loss Server Office Online Project Management Hackers Two-factor Authentication Google Assistant Update Data Privacy Students Charger Money Cleaning WannaCry Alexa for Business Connectivity Communication Excel Alert team chat Virtualization Phishing Updates Value Workers Wireless Charging Financial Technology App Windows Browser Operating System Streaming Media Big Data User Tips Travel Flexibility Computing Office 365 Jun 27 2018 11:00 AM Pacific Disaster Recovery Patch Management Data Security Mobile Security Thank You Edge Passwords Remote Monitoring Proactive Computer Forensics Hard Drive Legal Data Theft Apps Identity Congratulations Artificial Intelligence Company Culture Wi-Fi Cloud Language Ciminal Safety Identities Gadgets Information Managing Stress Risk Management Tech Support Spam Business Continuity Gmail Ransomware Business Technology Application Mobile Device Management Computer Fraud Websites Microsoft Vendor Management Device Security Virus Wasting Money Data Protection Compliance Financial Social Engineering App store Memory Managed Service Provider IT budget PowerPoint Antivirus Twitter Employer-Employee Relationship

Latest News & Events

Join Us On July 25, 2018 At 11AM Pacific Time For A Free 30-Minute Educational Webinar On How To Reduce The Number Of Meetings You Have And Make The Meetings You Do Have Much More Effective.  AgendaIntroMicrosoft Teams and Office ...

Contact Us

Learn more about what Agilitec IT can do for your business.

Call Us Today
Call us today
(702) 720-1700

5215 Ponderosa Way
Suite D

Las Vegas, Nevada 89118