As we become more and more reliant on computers and the internet in our everyday lives, so the risks of cyber attacks and loss of data become greater too.
Data breaches hit a new high in 2019 https://betanews.com/2020/02/10/2019-record-data-breaches/ and many people say they will stop dealing with businesses that suffer them, so protecting your systems is important. Here are some key steps you can take.
1 The human angle
Many breaches are down to people falling for things like phishing scams. It’s therefore important that everyone in the business is aware of their responsibilities for protecting data and keeping systems secure. You must have a cyber security policy and keep your staff up to date with the latest threats.
2 Stay up to date
Cyber criminals always look to exploit flaws in software and operating systems. Developers issue patches to fix these, but they will only work if you install them, so it’s vital to keep your systems up to date. Sometimes this can be done automatically, but sometimes you need to make a manual check. If you need help to do this from IT support Cheltenham has companies like https://reformit.co.uk/ who can offer advice.
3 Access control
Your security should always be built on a ‘least privilege’ model. This means giving people just the level of access they need to do their jobs and no more. Only administrators should have full access – and even then use of admin level accounts should be kept to a minimum. When someone leaves the company or changes roles make sure their access is revoked or adjusted accordingly.
Stolen data is no good to cyber criminals if they are unable to read it. Making sure that your sensitive data is encrypted is therefore a key element of protecting it. Make sure that your backups and archive copies are encrypted too.
5 Third parties
If you are entrusting data to a third-party, such as a public cloud service, make sure you understand what security measures are in place. Use two-factor authentication to secure access and take additional security measures where necessary.
6 Have a plan
It’s impossible to guard completely against attacks as the threat landscape constantly changes. It’s therefore important to have a plan setting out the actions you need to take in the event of a breach or attack.