Cybersecurity doesn’t just happen. Laying the groundwork for effective security includes routine best practices and tasks that your IT personnel must stay on top of. DataLink recommends the following tasks to help protect your people, your information systems, and your organization:
- Patch. Many attacks succeed because the victims were running vulnerable software when a newer, safer version was available. Keeping your systems patched is one of the most cost-effective practices to improve your security posture. Where possible enable auto-update mechanisms. Prioritize the vulnerabilities CISA publishes in their Known Exploited Vulnerabilities Catalog.
- Perform and test backups. Many organizations that have fallen victim to ransomware either had no backups or had incomplete/damaged backups. It’s not enough to schedule all important systems to have a regular backup. It’s critical to regularly test partial and full restores. You’ll have to pick a cadence for the backups (continuous, hourly, weekly, etc.). You’ll also want to write a plan for the restoration.
- Enable disk encryption for laptops. Modern smartphones encrypt their local storage, as do Chromebooks. Windows and Mac laptops, however, must be configured to encrypt their drives. Given how many laptops are lost or stolen each year, it’s important to ensure that your laptop fleet is protected.
- Remove administrator privileges from user laptops. A common attack vector is to trick users into running malicious software. The attacker’s job is made easy when users have administrator privileges. A user who lacks administrator privileges cannot install software, and this type of attack won’t work.
- Ensure Multi-factor Authentication (MFA) is mandated using technical controls, not faith. Some organizations have instructed their users to enroll in MFA, but not all users complete that task. There are often MFA gaps for recently onboarded staff and for people who have migrated to new devices. You’ll need to regularly look for non-compliant accounts and remediate them.
- Enable MFA for all system administrator accounts. System administrators are valuable targets for attackers. You might assume that they would reflexively enroll in MFA. Yet Microsoft reports that only around half of Azure Active Directory global administrators use MFA. In many compromises, attackers were able to get a foothold on the system administrator’s account, and from there they had complete access to all the company’s assets.
Secure your business. Contact DataLink today so we can help protect your technology and your organization:
(410) 729-0440 | Email