Recently it was Safer Internet Day. It is celebrated globally in February and dedicated to promoting a safer online world.
In our experience, one of the best things you can do is to provide cyber security awareness training for your staff and make that part of your regular training regime. Hackers often employ methods targeting your staff to give them an opportunity to access your systems. Sometimes there might be an assumption that cyber security is the responsibility of the IT department, but in reality, every person in your business should take responsibility.
If you need help with providing cyber security awareness training, we have different effective options to suit your needs.
In support of Safer Internet Day, Sophos released some tips for businesses and individuals to have a safer experience on the internet.
Patch early, patch often
Sometimes companies don’t see regular patching as a necessity and they put these off until they can prioritise it. Cyber criminals are constantly on the look out for vulnerabilities and if you don’t patch regularly, your business systems will be more vulnerable. Sophos suggests that it is important to learn how to test updates quickly – you can start with one computer and make notes from there – and to have a plan for rolling back in the rare event that something does go wrong.
Know what you’ve got
Even if you are a small company, it is important to keep an up-to-date asset register, IT inventory, or a list of computers and software you are using. Cyber criminals often look for old and unpatched computers as that may be the stepping stone they need to get into your systems.
Set up a security hotline
One of the techniques cyber criminals often employ is to send phishing emails to different email recipients within the same organisation, or call round every company phone number until they can find somebody they can connect to. Develop a culture where staff question calls and emails that look suspicious our out of the ordinary and enable them to easily report this so you can help them manage the situation.
Revisit your backup strategy
Backups aren’t just useful to protect against ransomware attacks, but they are about disaster recovery. Your strategy should include backups that you keep offline and offsite.
Pick proper passwords
Make sure that your staff know how to select strong passwords. As an organisation, make sure that you know who is supposed to have access to what information, you cancel accounts when employees leave, and encouraging staff to let you know if their password lets them see data they shouldn’t, so you can reduce the risk of a data breach.
This page has useful information for your staff to share with their families and friends.
We can help
Campaigns such as Safer Internet Day is a good opportunity to review your cyber security initiatives. If you need help determining your gaps, analysing your risk, or improving your staff’s security awareness, please contact us on 04 917 6670 or email sales@sss.co.nz and we can help you improve your security posture.