A secure network of just a few years ago looks very different from a secure network today. Businesses are now reexamining and redesigning their networks to ensure new threats are taken into consideration. Most organizations are reevaluating their current measures to ensure they are enough to protect current assets. A deliberate effort that incorporates multiple layers of protection – an implemented security framework plus a deployed and maintained approach to security – is the best method of protecting your business. But how do you get there? We’ve compiled some frequently asked questions from our customers to help you navigate the tricky world of business and security.
How do you know if your network is secure? As a business owner, what do I need to know about security that I may not know?
The best way to determine if your business is secure is through a gap assessment. A gap assessment helps you understand your security posture so that you can make an informed decision for your unique business. That decision includes a plan with a prioritized roadmap of both the tactical and strategic items that need to be executed.
What is security posture?
Security posture is the status of your business’s software and hardware, networks, services, and information. It also includes the controls and measures you have in place to protect your business from cyber-attacks.
Is there a way to determine if I have a good security posture without having a compliance requirement?
All companies have a security responsibility regardless of industry. Some responsibilities are enforced by regulations such as ISO, PCI, HIPAA, GDPR, CCPA, etc., or by a best-practice guideline like NIST or the CIS Critical Security Controls. But compliance doesn’t mean security. Security monitoring goes hand in hand with a security posture, but what is that? Security monitoring is the best way to reduce the mean time to discover a breach and reduce the amount of exposure. Going without it is like being a homeowner who waits to get robbed before getting an alarm. Remember the 2019 Marriott breach? The hotel chain suffered a security breach that went on for three years before it was detected, compromising the data of 500 million customers. To gain visibility and improve your security posture, a managed SIEM is a good route. It alerts you to anomalous activity and provides insight into the day-to-day security of your business.
What is a SIEM?
Security Information and Event Management (SIEM) is a software solution that aggregates and analyzes activity from many different resources across your entire IT infrastructure. SIEM tools collect security data from network devices, servers, domain controllers, and more.
How do I protect my company from Ransomware?
Ransomware, a type of malicious software – also called malware – is designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or when a user unknowingly visits an infected website. Ransomware can be devastating to an individual or an organization. Unfortunately, there isn’t a “silver bullet” solution for protecting your business from ransomware; you need a layered approach. The layered approach has to account for the possibility of data becoming encrypted. It is imperative to have a backup and recovery system that allows you to get data back should it be breached.
Other parts of the layered approach include Security Awareness Training and Testing (e.g., phishing tests and regular awareness reminders), Scanning (vulnerability and configuration scanning), Patching (including third-party patching), Security Event Log Monitoring and Management (SIEM), and periodic Gap/Risk Assessment with a Roadmap. All Covered offers all the services included in this layered approach.
How do we stop our staff from infecting our network?
Managed Security Awareness Training (MSAT) not only provides the greatest ROI in security, it is also the best way to keep your staff from opening dangerous emails.
In addition, limiting credential usage for all users (local only) is a good idea, because it reduces the attack surface and the damage malware can do. And of course: BACKUPS, BACKUPS, BACKUPS (for when it could inevitably happen).
What are some things that you think all organizations need to be doing regardless of industry?
We call it the 3 Pillars of Security, and it includes:
It is no longer an option to take just an incidental approach to security. Businesses both large and small are at risk of a breach. While there are many options for fixing a breach once it has happened, our strongest advice is to have a layered approach in place to minimize risk in the first place. Navigating the ins and outs of your network, mandating compliance, and educating your staff are just some of the concerns on the minds of business owners. Security is no longer an option; it’s required. If it isn’t currently part of your operations plan and budget, let’s discuss how we can help. Visit our cybersecurity page today for more information.
The number one thing that all business owners need to walk away from this blog with is that security is not a ‘set it and forget it’ item. Your plan of action must be reviewed regularly, as should your security posture.