We like to think we’re quite savvy when it comes to cybersecurity at work, but it is easy to make common mistakes that can have far reaching consequences. One singular incident can cause stolen data, diminished customer confidence, reputational harm and compliance penalties that can be costly.
- Bad Password Practice
Bad password practice is one of most well known cybersecurity risks, yet it continues to be a pervasive problem in many organizations. Innumerable data breaches are caused by poor password practice, whether not regularly updating them, using the same passwords across multiple accounts, or choosing simplistic words and references that are easy to crack. Passwords such as ‘Password1’, ‘123456’ and ‘companyname’ are all prime examples that should be avoided. Instead, use private, certificate-based authentication, or passwords which are changed at least every 60 days and have combinations of letters, numbers and symbols. Storing these in a secure password manager or keychain can help you remember them. Enabling two-step verification whenever possible can also provide an extra layer of defence.
Another level of protection would be using a passphrase. The debate between passwords versus passphrases is currently a trending topic online. Following the many high profile password hacking and identity theft incidents of recent years, many online users have become aware of the ominous danger that is lurking in the scam-infested world of the internet. There are several advantages to using passphrases: they are easier to remember, they easily satisfy complex rules, and most operating systems and applications support them. The best reason for using a passphrase is that they are next to impossible to crack, mainly because most of the highly-efficient password cracking tools break down at around 10 characters. Hence, even the most advanced cracking tool won’t be able to guess, brute-force or pre-compute these passphrases.
- Not Backing Up Correctly (Or at all)
Many users do not backup their data or if they do, it’s not done properly. Not backing up data is a risky move, which means any files that are deleted or corrupted by an attack cannot be restored.
The WannaCry ransomware attack spread to 150 countries, impacting over 10,000 organizations and 200,000 individuals in over 150 countries. The outcome of the current WannaCry attacks on individuals, companies, and organizations, highlights the value of having good clean backups in a secure storage system in order to recover data hidden from ransomware. These attacks also demonstrate the value of having the latest security patches installed and a comprehensive security software solution protecting your workstations, laptops and servers. While more businesses are now implementing backup solutions, there is a tendency to ‘setup and forget’, so they don’t realise something has failed with the system until it’s too late. It is recommended that companies perform daily offsite backups of their systems, as well as periodically validate the quality of the backups . There is nothing worse than having your systems compromised and then realizing your backups are effectively useless.
- Poor Access Controls
Another issue which is particularly prevalent in small companies is access control. Too often internal systems and data are treated casually and there is easy access to administrative login rights. This can include access to network servers and sensitive company private data. While allowing employee common access can make life easier for the owners/admins, it significantly weakens network security, leaving the company exposed to disgruntled employees. Internal security breaches are difficult to track down the responsible person.There are few occasions that warrant generic logins, so everyone should have individual logins, limited to systems they need and only at the level they require. It’s better to start off with low access, and then build up as required, making sure any logins utilise employees’ work emails, which you have ultimate control over. Access levels should be tracked on an ongoing basis so that no user has unnecessary access to sensitive or critical systems. User privileges should be automatically revoked when employees leave the company and all network access updated accordingly.
Investing in privileged access management (PAM) software, a solution that helps organizations restrict privileged access within an existing Active Directory environment, is a wise move. Large-scale incidents are likely to involve unauthorized administrative or root access to critical systems. The attackers typically impersonate an administrative user to gain control of confidential IT assets. This is a huge problem; the vast majority of big security breaches involve the misuse or escalation of privileged credentials so PAM software can be a very worthy investment.
- No Response Plan
Many businesses, particularly SMEs, are slow to respond and disorganised when it comes to identifying and responding to an attack, an issue that can greatly influence the amount of damage – physical, financial and reputational – that is suffered as a result. As soon as an attack or breach happens, you need to know who’s responsible for making decisions and setting a response plan in motion. It’s also vital to know who you need to contact for legal, IT forensic and public relations advice, as well as how you’ll approach communicating with customers. Having cyber insurance in place can also be invaluable to cover any legal costs and compensation you have to pay, as well as your own out-of-pocket expenses as a result of an attack. Cyber security is one of those areas where people often don’t understand the value of taking certain precautions until it’s too late – and then they wish they had done more! So remember, a few simple steps now could save you and your business a big headache further down the line.
- Ignoring Security Monitoring
While well trained users can be your security front line, you still need technology as your last line of defense. User Activity Monitoring allows you to monitor users to verify that their actions meet good security practices. If a malicious outsider gains access to their log-in information, or if an insider chooses to take advantage of their system access, you will have a record of the suspicious activity.
If your business is like most others, you don’t have the budget to stand up your own security operations center. But that doesn’t remove the need for around-the-clock monitoring and intelligence that will help you investigate incidents and minimize attacks.
Would you like to know more?
In the spirit of preserving your data, session recording software offers a way to protect your organization.