Cyberattacks against small businesses are on the rise. Symantec reports that 43% of all spear phishing attacks in 2015 targeted SMBs, versus just 18% in 2011. Ransomware attacks quadrupled in 2016 and are expected to double again this year. How do you protect your valuable business data against this?
There are plenty of security products today that every small business should be using, but the most fundamental security measures for any organization come from your employees and the policies built in to the systems you're likely already using.
Fostering a culture of security awareness is an important step. Employees should be aware of the dangers of sharing accounts, divulging username or password info, and opening unknown files. Each new employee should have a user account ready at onboarding and old accounts should be regularly checked to see if they are no longer needed.
Accounts should automatically lock out after several unsuccessful login attempts. Log and retain all login activity. NOTE: Please see my post New Password Standards Your Users Will Love for a discussion about new password standards from NIST.
Up to 94% of the security vulnerabilities found in Microsoft products can be mitigated simply by removing administrator rights from users.
These basic steps will help keep your systems secure, before even discussing desktop and server anti-malware scanning, firewalls, content filters, and advanced auditing and system configuration compliance.
IngenuIT can help. We can perform an audit of your current systems, let you know where you're okay and where you need to consider a change. Call today! (314) 495-9504 or e-mail firstname.lastname@example.org