Over the past two years or so, more and more small and medium-sized businesses (SMBs) have been moving their operations online. Online security has become a vital part of their operations, especially for e-commerce and financial service businesses. It is now essential to ensure comprehensive protection from cyber threats.
Suggested Approach to Online Security
Online security is not just malware protection. It is a key component of Business Continuity. As the FBI says, it is not a question of if you will be attacked, but when.
Here are some key steps to take:
A Business Continuity Plan
In the case of a cyber-attack or other data loss event, having a comprehensive business continuity plan in place can help keep the business running and minimize downtime.
For online businesses, being offline represents a financial loss. If potential customers cannot reach or cannot use your e-commerce website, they will go elsewhere: certainly this time, and probably the next time as well.
Above and beyond that, being offline and admitting to a data breach represents reputational damage.
Data Backup and Security
Regularly back up important data to a secure, off-site location to ensure that it can be recovered in case of a cyber-attack or other data loss event.
Data is often held in a three-level architecture:
- Data for immediate or frequent use is held in local online databases.
- Less frequently accessed data is held in cloud-based repositories, which are still online.
- Archived data is held in offline storage. Automated handling like tape libraries can mean that it is still available, but perhaps not immediately.
Cyber Security Training
One point that is often overlooked is user training. The FBI again estimates that nearly 80% of all successful data breaches originate inside an organisation. The majority happen because of user action or inaction, sometimes malicious, sometimes inadvertent.
Employees should be trained on safe online practices, such as avoiding suspicious emails and links and reporting any unusual activity. Phishing emails are becoming more and more common. Hackers are finding new and ingenious ways to lure users to spoofed websites and ask them to cough up login credentials. Hackers then use these to extract information for use or sale, particularly financial information.
Users are careless with their passwords. Automating the issue and management of passwords can bring great benefits.
A password manager is a tool that helps security staff in IT generate, store, and manage user passwords. Passwords can be manually assigned by security staff, created by the user or automatically generated. Passwords are securely stored in an encrypted database. The password manager can also be programmed to force a password change at pre-defined intervals.
Automatically generated passwords are strong, unique passwords for each account, which reduces the risk of weak or reused passwords. Some password managers also offer additional security features, such as two-factor authentication and biometric authentication.
Working from home and remote access have increased the threat of malware entering the business network from unmonitored equipment whose malware protection status is unknown.
Antivirus software must be installed on all devices used for business purposes and kept up-to-date from a central repository with the latest virus definitions. Users mustn’t be able to disable malware prevention or prevent automatic updates.
Further, any third-party devices connecting to business devices, for example, thumb drives, must be automatically scanned before they can connect to the network.
All data imported from third-party devices must be automatically scanned before becoming available, and quarantined or blocked if it is found to be infected.
Two-factor Authentication or 2FA
Two-factor authentication adds an extra layer of security by requiring users to provide two forms of identification before accessing sensitive data or systems. The authentication device can be a user’s smartphone or email address.
Secure Payment Portals
When accepting online payments, use a reputable payment processing provider and ensure that all transactions are encrypted and secure. It is also important to ensure that all outgoing payments are secure.
Financial security extends to the storage of client financial data. It is vital that this is secure. Loss of client financial data will cause severe reputational damage and could lead to litigation.
System Monitoring
Regularly monitoring your systems can help detect and prevent cyber-attacks before they can cause damage.
Monitoring is a means of understanding the behaviour of a system. It usually involves tracking a specific set of metrics, such as CPU usage or network traffic, and using alerts to notify observers when those metrics exceed certain thresholds.
For example, potential network attacks can be detected by observing network traffic metrics and noting when traffic patterns change or when the metrics exceed their thresholds.
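As an added illustration of the threshold-and-baseline alerting described above (example code, not part of the original article), the following Python snippet flags per-minute traffic samples that either exceed a hard limit or jump well above a rolling baseline of recent normal readings. The traffic figures, limits and window size are constructed for the example; it also shows why samples that already triggered an alert should be kept out of the baseline, so that an attack does not quietly become the "new normal".

```python
"""Threshold and baseline alerting over per-minute network traffic samples."""
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass
class Alert:
    index: int      # position of the sample in the series
    value: float    # the offending reading, in MB
    reason: str     # which rule fired and by how much


# Constructed sample: outbound MB per minute for one host over 20 minutes.
# Minute 10 is a large burst; minute 18 is a smaller but still abnormal one.
SAMPLE_TRAFFIC_MB = [12, 11, 13, 12, 14, 12, 11, 13, 12, 12,
                     95, 13, 13, 12, 12, 11, 13, 12, 60, 12]

HARD_LIMIT_MB = 80.0     # absolute threshold: always alert above this
BASELINE_WINDOW = 8      # number of recent clean samples that form the baseline
DEVIATION_FACTOR = 3.0   # standard deviations above baseline that counts as a change


def detect_anomalies(samples, hard_limit=HARD_LIMIT_MB, window=BASELINE_WINDOW,
                     factor=DEVIATION_FACTOR, exclude_alerted=True):
    """Return Alerts for samples over the hard limit or far above the baseline.

    With exclude_alerted=True the baseline is built only from samples that did
    not alert, so a burst cannot inflate the baseline and mask later bursts.
    """
    alerts = []
    history = []  # readings eligible to form the baseline
    for i, value in enumerate(samples):
        reason = None
        if value > hard_limit:
            reason = f"exceeds hard limit of {hard_limit:g} MB"
        elif len(history) >= window:
            recent = history[-window:]
            base = mean(recent)
            spread = pstdev(recent) or 1.0  # guard against a perfectly flat history
            if value > base + factor * spread:
                reason = f"{(value - base) / spread:.1f} sd above baseline of {base:.2f} MB"
        if reason:
            alerts.append(Alert(i, value, reason))
        if reason is None or not exclude_alerted:
            history.append(value)
    return alerts


if __name__ == "__main__":
    for alert in detect_anomalies(SAMPLE_TRAFFIC_MB):
        print(f"minute {alert.index}: {alert.value} MB, {alert.reason}")
```

With `exclude_alerted=False` the 95 MB burst enters the baseline and the 60 MB burst at minute 18 goes unreported, which is the pattern-change case the baseline rule exists to catch.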
By taking a comprehensive approach to online protection, small and medium-sized businesses can better protect themselves from cyber threats and ensure the safety of their data and operations.