Cyber-security isn’t something you can set up and never think about again. Once implemented, your security system should be reviewed and improved often. Forbes recently published an article exposing how quickly viruses and malicious attacks change online to find new ways of infecting your hardware. They discovered that an average of 375 cyber-security attacks are launched each minute. In those same 60 seconds, an average of three new phishing sites are launched. Of all the mobile apps available for us to download, the App store blacklists one every three minutes and an internet-of-things (IoT) device such as a smart fridge or watch is hacked every 7.5 minutes.
We hear about commercial attacks as well, ransomware has crippled many businesses big and small. This is why some organizations run virus and security checks daily now. Since malware can change so quickly, our security architecture is also continuously improving. This article will explore the more recent developments and tips that you can use for your cyber-security system, whether you’re protecting your home or your business.
This advice is usually given to businesses but since our homes and devices are becoming more and more connected, especially through the IoT, we need to start creating better security structures at home now too. It’s important to understand what information needs to be protected, where that hardware is and what software is in play. Knowing your inventory (whether it’s a server room full of high-priced tech, or your family’s laptops, smart phones and smart devices), its value, and the threat it faces allows you to assess where more protection is required.
About 80% of all breaches are due to a compromised password. This is why websites and portals are demanding longer, more complicated passwords and even passphrases. The use of multi-factor authentication is picking up as well. Authentication verifies identity; ensuring everyone is who they say they are. MFA is an additional layer of protection, so if your password is hacked, there’s one more obstacle blocking them from your system. There are a minimum of two pieces of evidence required to prove your identity with MFA, each requirement must come from a different category: something they have, something they are, or something they know.
“Administrator access” for operating systems and applications should only be given to those that really need it. When you’re reviewing your security measures, you should update this list as well, as privilege levels can change over the course of the year. You’ll want to ensure that you’re able to remove or disable any application you’ve granted privileged access to as they can give criminals “the keys to the kingdom”.
Firewalls have been around for decades, but have never been more important. When you deploy a firewall, it’s best to configure it with the least permissive rules possible. Unified Threat Management (UTM) is recommended, it provides a variety of security functions at one spot on the network. This can include anti-virus, content filtering, anti-spam and web filtering.
Whether these security measures are being implemented at home or at the office, one of the biggest reasons why anti-virus and anti-malware tools fail is a lack of understanding. Educating yourself or staff should include proper handling of emails with links and attachments, how to spot fake invoices or bank transfers, and how to update your security measures.