Every day we see more security compromises in the news, at large and small companies around the world. Whether you run a small company or an international organization, no one is safe from hackers and malicious attackers. To combat the high volume of attacks, companies must be proactive with their security measures and stay up to date with current cybersecurity best practices in order to protect their business from loss of data, compromise of sensitive information, and denial-of-service attacks.
Here are the top five cybersecurity best practices for every SMB.
Cybersecurity Best Practices: Getting Started
To kickstart cybersecurity best practices, assess your risks and vulnerabilities. Begin by reading the list below to identify any gaps in your security policies. These will be key steps in your journey to a more secure, well-protected business.
1. Use Strong Passwords and MFA
The single most effective way to protect your organization is to require complex passwords. If any user's password is too simple, it can put the entire company at risk of compromise. It only takes one compromised email account to potentially infect the entire business infrastructure. If a hacker takes over one employee's account, they can send phishing emails to other employees in the company that look official, in order to gain further access to servers or workstations.
To create a secure password, include letters, numbers, and symbols, with ideally 14 or more characters. These requirements can, and should, be set at a company-wide level in Active Directory on Windows or FreeIPA on Linux. Businesses usually enforce a 30-day password expiration to ensure users regularly update their passwords and no single compromised password remains valid months or years down the line.
To further secure your accounts, we recommend enforcing Multi-Factor Authentication (MFA). Multi-Factor Authentication (sometimes referred to as Two-Factor Authentication or 2FA) adds a second authentication step when logging into an account or mailbox. This second factor is usually an app on your phone that provides an additional code to enter when logging in. Once you enter your account password, you open the mobile app associated with your MFA and enter its randomized code to prove your ownership of the account. In this way, a hacker would have to compromise both the account's password AND the user's phone in order to log in. This stops most hackers from attacking accounts and networks in the organization any further. MFA is set up through your account management platform, whether that is Office 365, Active Directory, FreeIPA, or a related application.
2. Install Effective Anti-Virus
It goes without saying that you absolutely need strong anti-virus protection for your servers and workstations. Where proper training, strong security best practices, and complex passwords fail, anti-virus software will be your saving grace.
It is often said that humans are the weakest link in security, and it couldn't be more true. Your employees may have had great training, set strong, complex passwords, and be otherwise diligent about the company's cybersecurity best practices, but anti-virus can still play a critical role when a network is in danger of being compromised.
For example, a user may receive a phishing email from another compromised account in the company. This email comes from a legitimate sender and looks official in every way. When the user clicks on the spreadsheet attached to the email, the anti-virus software warns of a possibly malicious file and blocks the document from opening. Having strong anti-virus measures in place may, in that single moment, have prevented a ransomware infection from spreading from machine to machine across your network and compromising your entire business.
Whether you use ESET, SentinelOne, Webroot, or another product, it is absolutely vital to have strong endpoint protection on each workstation and server in your network. This is your last defense against malicious files and actors attempting to infiltrate your network. Where an attacker has gotten through every other security measure, your endpoint anti-virus protection could mean the difference between another day at the office and thousands of dollars worth of data recovery and repair.
3. Secure Firewalls, RDP, and Open Ports
Securing your network with firewalls is an incredibly important measure in today's security climate. Your firewalls should block every port on every workstation and server unless it is absolutely necessary to leave open, and in most cases you will want to lock even those down so that only internal IP addresses and computers can reach them.
If you have run a server for any amount of time, you have probably noticed an unending stream of failed logins to Remote Desktop. Hackers around the world run applications that automatically attempt to authenticate to RDP on port 3389 with various usernames and passwords around the clock. This is one of the easiest, hands-off ways for attackers to compromise servers and workstations, as many companies leave port 3389 for RDP wide open to the public, often to allow employees remote access while working from home or traveling. If you need to allow remote access, use a VPN and additional authentication methods so that RDP stays closed to the public.
By blocking all public-facing ports with your firewall unless absolutely necessary, you severely limit an attacker's ability to infiltrate your systems with automated brute-force software. Any open port can be used by hackers to attack a given system, so it is important that your network-wide firewall is properly configured to expose as little as possible.
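As an added example (not from the original article), a small Python detection routine that finds the automated RDP guessing described above in a constructed, simplified export of Windows Security events; the line format is an assumption for the sample, and the sample values are made up.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample in a simplified export of Windows Security events:
# 4625 = failed logon, 4624 = successful logon, LogonType 10 = RemoteInteractive (RDP).
SAMPLE_LOG = """\
2024-03-01T02:14:03 4625 LogonType=10 Account=administrator Source=203.0.113.45
2024-03-01T02:14:04 4625 LogonType=10 Account=admin Source=203.0.113.45
2024-03-01T02:14:05 4625 LogonType=10 Account=sqladmin Source=203.0.113.45
2024-03-01T02:14:06 4625 LogonType=10 Account=backup Source=203.0.113.45
2024-03-01T02:14:08 4625 LogonType=10 Account=test Source=203.0.113.45
2024-03-01T02:14:09 4625 LogonType=10 Account=user1 Source=203.0.113.45
2024-03-01T09:00:10 4625 LogonType=10 Account=jsmith Source=10.0.0.25
2024-03-01T09:00:40 4624 LogonType=10 Account=jsmith Source=10.0.0.25
2024-03-01T09:30:00 4625 LogonType=2 Account=jdoe Source=-
"""

LINE_RE = re.compile(r"^(\S+) (\d+) LogonType=(\d+) Account=(\S+) Source=(\S+)$")


def find_rdp_bruteforce(log_text: str, threshold: int = 5, window_seconds: int = 60) -> dict:
    """Map each source address that produced >= threshold failed RDP logons inside a
    sliding window to (failure_count, distinct_accounts_tried). Many distinct accounts
    from one source within seconds is the signature of automated guessing."""
    recent = defaultdict(deque)   # source -> timestamps of failures still inside the window
    accounts = defaultdict(set)   # source -> account names it has tried
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, event_id, logon_type, account, source = m.groups()
        if event_id != "4625" or logon_type != "10":
            continue  # only failed RemoteInteractive logons count as RDP guesses
        t = datetime.fromisoformat(ts)
        window = recent[source]
        window.append(t)
        accounts[source].add(account)
        while (t - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= threshold:
            flagged[source] = (len(window), len(accounts[source]))
    return flagged


if __name__ == "__main__":
    for src, (fails, users) in find_rdp_bruteforce(SAMPLE_LOG).items():
        print(f"{src}: {fails} failed RDP logons across {users} accounts; review firewall exposure")
```

A single legitimate user mistyping a password (10.0.0.25 above) never crosses the threshold, so the alert stays focused on the public-facing exposure the firewall should be closing.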
4. Ensure You Have Working Backups
So, you've been compromised and restoring your backups is your next plan of action. But those backups must be working correctly.
Having working backups is an important part of cybersecurity best practices. If hackers do compromise your systems and have deleted or altered sensitive information, your only method of restoration is from good backups and restore points.
All vital information needs to be backed up and stored in a safe location in case you need to restore corrupted or deleted data. Whether this is data in databases, spreadsheets, or web server files, you will want it protected and stored in an off-site location from which it can be recovered later. It is important that these backups are not stored on the server itself, as you will be unable to restore the data if the entire server is compromised.
Besides protecting valuable information from deletion and corruption from hackers, backups protect data from accidental alteration and rogue employees. If a user accidentally deletes an entire table of information from a database, your backups will allow you to return to multiple point-in-time backups to make sure your data is correct and secure.
Work with your IT department to determine your data backup best practices. You will have to decide between protecting only your server and database information, or backing up all of your users' workstations as well. Figure out what data is irrecoverable and configure your backups to regularly back up and store this data in a way you can access if the computer is compromised.
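As an added example (not the article's own code or any provider's tooling), a Python routine that treats a backup as "working" only when it is fresh and a test restore matches known-good hashes; the sample files and the "offsite" directory are constructed inside a temporary folder, standing in for real off-site storage.

```python
import hashlib
import tarfile
import tempfile
import time
from pathlib import Path


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def make_backup(source: Path, dest_dir: Path) -> Path:
    """Archive source into dest_dir; in practice dest_dir is off-site, never the same server."""
    archive = dest_dir / f"backup-{int(time.time())}.tar.gz"
    with tarfile.open(str(archive), "w:gz") as tar:
        tar.add(str(source), arcname="data")
    return archive


def verify_backup(archive: Path, expected: dict, max_age_seconds: int) -> bool:
    """A backup counts as working only if it is fresh AND restores to known-good hashes."""
    if time.time() - archive.stat().st_mtime > max_age_seconds:
        return False
    with tempfile.TemporaryDirectory() as restore_dir, tarfile.open(str(archive), "r:gz") as tar:
        for member in tar.getmembers():
            # Refuse archives whose entries would write outside the restore directory.
            if member.name.startswith("/") or ".." in member.name.split("/"):
                return False
        tar.extractall(restore_dir)
        restored = Path(restore_dir) / "data"
        for name, digest in expected.items():
            f = restored / name
            if not f.is_file() or sha256_of(f) != digest:
                return False
    return True


def demo() -> bool:
    """Constructed scenario: back up a small web-data folder, lose a file, and prove the
    archive still restores it intact."""
    with tempfile.TemporaryDirectory() as tmp:
        source, offsite = Path(tmp) / "www", Path(tmp) / "offsite"
        source.mkdir()
        offsite.mkdir()
        (source / "orders.csv").write_text("id,total\n1,19.99\n")
        (source / "index.html").write_text("<h1>shop</h1>\n")
        expected = {p.name: sha256_of(p) for p in source.iterdir()}
        archive = make_backup(source, offsite)
        (source / "orders.csv").unlink()  # simulate deletion after the backup ran
        return verify_backup(archive, expected, max_age_seconds=86400)
```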
If you don't have an IT department, or outsource your infrastructure, a provider like Liquid Web will be able to set you up with cloud server backups, offsite backups, and even failover solutions.
5. Final Best Practice: Cybersecurity Training for All Employees
Educating your employees about proper security guidelines and potential threats is an incredibly important part of your network security. You can properly configure all the security measures in the world, but if your accounting department hands out your administrative password, nothing stops attackers from abusing that unfettered access.
While your accounting department might not hand out their passwords to a stranger, hackers are very clever when they are targeting your organization. Every employee and staff member at your company must be properly trained to spot phishing emails, bad attachments, and potential physical-security breaches. Many security consulting companies make physically breaking in or bypassing on-site security part of their assessments, and most find great success with this approach.
Consider hiring a security consultant to train your staff on what a data breach is and how to identify and report potential security hazards. An employee who quickly reports something phishy (pun intended) can save the company tremendous time and money recovering from a successful hack.
Final Thoughts: Cybersecurity Best Practices
In today's digital landscape, cybersecurity is no longer an option but a necessity for businesses and individuals alike. By adopting proactive measures such as regular risk assessments, strong password policies, employee education, and robust network security, you're taking the crucial steps towards safeguarding your data. Stay informed, stay prepared, and you can build an online environment that protects your best interests.
Mike Sherman was formerly one of our Helpful Humans at Liquid Web and worked on the Windows Enterprise Department. He has over 10 years of technology experience and a wealth of SEO and online marketing knowledge. He now supports IT infrastructures for mid-range companies as a Mid-West MSP.