What can you do to minimise the risk of a cyber attack?
In June 2016, our technical director Tom Cannon attended a Business West event with Bath Chronicle and Bath Chamber of Commerce, and received a very informative presentation from DI Gavin Webb, from the South West Regional Cyber Crime Unit (Avon and Somerset Police – Zephyr). At Bath University, DI Gavin Webb advised on the threat that is posed by cyber crime and the measures that can be put in place to help protect businesses.
cyber crime is mentioned daily in the news at the moment, there are a lot of big names getting attacked. Information about cyber crime is everywhere, but how is it relevant to you and what can you do to help prevent an attack?
Here are our top 5 cyber crime prevention tips, which will help businesses and individuals protect themselves in the unfortunate event of a cyber attack:
Top 5 cyber crime prevention tips:
- Be smart about your passwords
- Keep on top of software updates and antivirus
- Delete/disable users that have left the organisation/business – review your network regularly
- Make sure you have a solid backup solution
- Think twice when opening and reading emails
Passwords
Always use strong passwords that are not easy for a criminal to guess. Avoid simple words such as “password” and make sure that you use a combination of lower case, upper case characters, numbers and symbols. This makes your passwords harder to crack. It’s also good practice to change your password regularly – ideally every month and don’t use the same password for every website, bank, email account and work network account that you log on to. If you did use a common password, a website gets hacked (out of your control) and passwords are leaked; criminals could know your login details for all services that you use. Never give out your password to anyone, keep them private.
Software updates and antivirus
It’s a good idea to keep all software that you use up to date. This extends to operating systems: iOS, Windows, Mac OSX and software applications. Criminals are constantly looking for ways to gain access into systems via loopholes and vulnerabilities and once these get discovered a patch will be released. This is why it’s important to keep your software up to date. It’s also critical to keep an up to date Antivirus program on all of your systems. Antivirus software cannot guarantee that it will prevent a cyber attack, but you are much less exposed with an up to date, correctly configured and well known Antivirus product. At Moore IT, we still find business networks occasionally with antivirus software expired, out of date or even missing on servers when we perform IT audits for new clients.
Disable users that have left and regularly hold Network reviews
Within business networks you should regularly be reviewing your systems with your IT support team. When did you last check the list of users on your network and see how many of them have left the business? When did you last change your Wi-Fi passwords – who knows your Wi-Fi passwords? When an employee leaves a business their network account should be disabled, they could still have access to the network via a VPN (Virtual Private Network) or the company email system. Regular reviews can help this. At Moore IT we recommend that an IT engineer performs a monthly visit to discuss this with our clients and provide this as an option under our SLA’s (Service Level Agreements).
Backups
Make sure that you have a backup, that it is working and that you are including everything required in the backup selection list. There are a number of methods of backing up your data, tape, hard disk, NAS (network attached storage) and cloud backups are the most common types. All of these methods work, but need checking regularly – do you get email notifications each day informing you of the backup completion? Do you run a test restore to test the integrity of the backup and what is the retention period of your backup (how far back could you restore if you had a virus that didn’t get detected on your network straight away) At Moore IT we are able to provide hardware backup solutions and cloud backup software that automatically backs up your data to UK data centres with encryption, with various different retention periods – ideally 365 days. Ask your IT support team to setup notifications of your backup completion, check what’s being backed up and how regularly.
Think twice when opening and reading emails
Email fraud: spam, phishing and viruses are on the increase. In an ideal world your anti-spam software or provider will block these threats before they get delivered to your inbox, but the anti-spam companies are finding it harder to keep up with the new threats released every day. The best advice is to always think twice when reading an email, if it’s an offer that sounds too good to be true, ignore it. If it’s an attachment that somebody you don’t know has sent you and you aren’t sure, don’t open it. If it’s a colleague asking you to make a financial transaction; speak to them in person before making any transfers – even if it has come from their email address. This may be obvious to some, but never give your details to any banks, Paypal, Ebay or any other websites that send you an email asking you to verify; this is a criminal after your personal details. Always ask your IT support team if you are suspicious about any emails.
Further protection
At Moore IT, we provide free IT audits as an introduction to how we can help your business or organisation. This is a perfect way to have your server / network checked and receive a free report on any potential issues.
If you suspect that you have an infection on your system, please get in touch with us and we will be happy to help.
Further reading / links
Zephyr Regional Cyber Crime Unit
]Types of Cyber Crime – The Windows Club