It seems as though every week there is a new company in the news that has suffered from another IT security data breach. Companies from Sony, Forbes to Anthem have all recently been hacked exposing confidential information. You may think “If these companies that have IT budgets worth millions of dollar can’t stop hackers from coming in, how can I possibly prevent this?” While you may not be able to stop every attack from happening, you can certainly minimize your exposure by implementing these 3 tips into your IT security plan.
Password Manager: IT Security in most cases is only as secure as your password used to protect the data. Most companies do not have a password policy in place, and allow simple passwords to be used such as Password123. I recommend using a password manager such as LastPass to manage all your passwords, and NONE of them should be the same. LastPass has a password generator that will generate a unique password using a length and complexity of your choice. It has a browser plugin that will automatically fill in your passwords for you as you visit each site without having to fill in the information on your own. You may think, “what if LastPass gets hacked?” This is a valid concern, however LastPass is unique since they actually encrypt and decrypt your password locally on your computer BEFORE being synchronized with LastPass. I personally do not know ANY of my passwords since they are all automatically generated with at least 15 characters.
Two-Factor Authentication: Security can sometimes be a pain to implement since it “causes more work” for the end user. This may be true, however could save your company from being on the news! Implementing two-factor authentication is a great way to add an additional layer of security for your passwords. Two-Factor authentication requires the user to enter a second password using either a randomly generated code, push notification to a mobile device, or SMS message. If your password were to be compromised, it’s essentially useless to the attacker if you have two-factor authentication enabled. I personally use Duo Security two-factor authentication for everything including LastPass! Duo can integrate with a variety of service from VPN’s, remote desktop, cloud services etc.
UTM Firewall: While this may seem obvious, we recommend deploying a UTM (Unified Threat Management) Firewall for your office. A UTM firewall is a great way to add perimeter security to protect your users from Internet related threats. While we could write an entire blog post on UTM firewall features, I want to highlight some important components you should to enable on your firewall. We recommending using Watchguard XTM devices since they are reasonably affordable and extremely feature rich:
- Content Filtering: Your UTM device should offer the ability to restrict web traffic based on category. This is used to not only to prevent users from accessing inappropriate websites intentionally, it also helps by blocking access to sites that users may inadvertently browse to that contain malware!
- Gateway Anti-Virus: In addition to having anti-virus on your desktop, your UTM device should have gateway anti-virus enabled. This will scan internet traffic for known viruses before it actually reaches your desktop and deny access accordingly.
- Intrusion Prevention Service: IPS will scan traffic on all major protocols to detect and block all types of threats including spyware, SQL injections, buffer overflows and more.
You may think because your data has been migrated to the cloud, you are no longer responsible for managing the security of your data. While you don’t have to manage every aspect of the security and that is shared by the cloud provider, you do still however need to implement safeguards to protect your data using the above at a minimum. You should also have policies and procedures in place for things like employee on-boarding, off-boarding as well as a detailed written information security plan (WISP) We’d love to hear what techniques you use to make sure your data is protected both in the cloud, and here on earth!