Security Advice to a Friend

Author:  Ian Pavlik

I was recently asked by a business owner and friend what he should be thinking about in terms of Data Security. After outlining the key priorities and vulnerability scenarios, I felt this was great advice for all business owners.

Here are some things to think about when evaluating the security of your network.

Backups, Backups, Backups
The number one item is to make sure you have an effective backup strategy, not just a backup. What I mean by that is you need to think about “what am I protecting myself from, and what are all the elements I need backed up?” Backups have multiple purposes.

1. They allow you to restore information that is deleted, destroyed, or missing. 

2. They allow you to restore a working system should it be required, i.e. restore an entire server and functioning software, rather than just restoring missing files. Say your server gets encrypted with ransomware: just restore the whole server rather than reinstalling and configuring from scratch. Restoring a whole server can take minutes, whereas reinstalling a new server can take several hours, sometimes days.

3. They allow you to view the state of your data or system at a point in time in the past. Forensic analysis of your data or systems is sometimes required. For example: what did our system look like 4 months ago, before we realized “Tommy” was mishandling files or money?

The strategy could be backing up your entire server daily and keeping that backup local to your network (but segmented in a way that a hacker cannot corrupt it) while backing up your data offsite to a secure backup system (again segmented from your network so a hacker cannot corrupt it).

The most important thing in all of this is the part about having a backup that IS NOT connected to your network. Ransomware attacks often include either an automated virus or an actual human accessing your network and poking around looking to encrypt your data and destroy your backups. So, if your backups are connected in a way that allows a hacker to reach them, then they are worthless. This includes any online file storage like DropBox. Copying files to something like DropBox IS NOT a good backup strategy.

Email Backups
Think about how your email is being backed up. Is it all in the Cloud? What if someone deletes their email prior to leaving the company? How can you get that information back? Consider a backup solution that can back up your email such that you can restore individual accounts or emails back to a point in time. This is very important, especially when you let someone go and they might have an opportunity to delete emails before you turn their system or access off.

Anti Virus
This is table stakes: make sure every device on your network has it installed. Have a central management console that allows you to see the status of each device, push out updates and manage the AV system.

Advanced Threat Protection
This is a system that monitors the actions of your users, their communication patterns and communication content, and looks for suspicious or irregular activities. This is not AV scanning for viruses; it is a system that tries to stop hackers from, for example, tricking your accounting department into changing the routing codes on the next wire transfer. These are AI and machine learning systems that are constantly evolving and add a layer of protection from social engineering hacking attempts. Remember, no system is 100% protective, and in the end your staff have to be smart about things.

Data Loss Prevention
This is another AI and machine learning layer of protection that scans all communications and data sent from your systems and looks for sensitive information, such as credit card numbers, Social Insurance Numbers, bank account numbers, etc. This can be set up to either stop, notify or audit someone before they purposely or inadvertently send an email that contains sensitive info. It even scans attachments. Businesses are liable these days to take reasonable precautions to protect customer data and not let it out into the wild. This layer of protection helps mitigate the leaking of that sensitive data.
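To make the idea concrete, here is an added example (not from the original article or any vendor's product) of the simplest rule-based core of such a scanner: it finds digit runs in an email body and its attachments, keeps only those that pass the Luhn checksum used by payment cards and Canadian Social Insurance Numbers, and returns a stop, notify or audit decision. The function names, policy labels and sample message are hypothetical, and commercial products layer much more on top of this.

```python
import re

# Runs of 9 to 19 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){8,18}(?!\d)")

def luhn_ok(digits):
    """Luhn checksum: valid card numbers and Canadian SINs sum to a multiple of 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify(digits):
    """Label a digit string; the checksum filters out order numbers, phone numbers, etc."""
    if not luhn_ok(digits):
        return None
    if len(digits) == 9:
        return "sin"
    if 13 <= len(digits) <= 19:
        return "card"
    return None

def scan(text):
    """Return (kind, masked value) pairs so the report itself does not leak the data."""
    findings = []
    for match in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        kind = classify(digits)
        if kind:
            findings.append((kind, "*" * (len(digits) - 4) + digits[-4:]))
    return findings

def decide(body, attachments=(), policy="stop"):
    """Hypothetical policy hook: 'stop', 'notify' or 'audit' when anything is found."""
    findings = scan(body)
    for _name, content in attachments:   # attachments as (filename, extracted text)
        findings += scan(content)
    return (policy if findings else "allow"), findings

if __name__ == "__main__":
    # Constructed sample message using a well-known test card number.
    body = "Hi, please charge 4111 1111 1111 1111 for order 1234 5678 9012 3456."
    print(decide(body, [("form.txt", "SIN: 046-454-286")], policy="notify"))
```

The checksum step is what keeps false alarms down: the order number in the sample has the same shape as a card number but fails Luhn, so it is ignored.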

These are the key items to look at, but obviously not the entire list to consider. Not sure where to start? We can help by assessing your existing systems and security measures, identifying the gaps and threats to your data, and recommending and implementing the solutions to fill those gaps.

 

Published December 2020
