In today’s digital age, the chaos following a cyber-attack can be as debilitating as a physical one.
The world woke up on 7 April 2014 to a flaw in the open source encryption “https” websites – which Internet users have been taught to trust, sending shock waves among governments, corporations, and internet users.
Many cyber-security experts called the Heartbleed vulnerability “unprecedented” and “catastrophic”, as 17 per cent of the Internet’s secure web traffic was affected. Mobile web browsers were also maliciously harvested for data, adversely affecting millions of Android users.
A recent global benchmark study by the Disaster Recovery Preparedness Council revealed that 60 per cent of data loss faced by companies is due to human error.
Doing your part to keep your office network safe from insidious cyber-attacks need not be tedious. Keep your office network safe with these five fundamental insights:
Upgrade your existing software
Besides refreshing the user interface and looks, firmware and software upgrades serve one very important function: security. Upgrades may be time-consuming, but they are essential to keep your computers (including cloud security), mobile devices, and network safe from potential vulnerabilities. For example, in the aftermath of the Heartbleed bug, a security patch was issued to fix the vulnerability. If your company has a BYOD policy, it is equally if not more prudent to ensure you are on top of upgrades. Hackers and cyber-criminals are always looking for flaws to exploit, so the upgrades will keep coming. It is a never-ending but necessary battle.
Change your password periodically and include 2FA
If you have an enterprise system, make sure that periodic password-changes are mandatory. Otherwise, implement a routine to refresh your passwords regularly. Strong passwords should contain a mixture of eight alphanumerics in upper and lower cases, as well as symbols. Never write your passwords, or use the same password across multiple accounts. Include Two Factor Authentication (2FA) into the mix to counter identity fraud.
If it’s too good to be true, it probably is
Cyber-criminals love to exploit human greed and curiosity to their advantage. In the immediate aftermath of a crisis or popular event, cyber criminals will create malware-infected websites to lure unsuspecting visitors through social media and search engines.
For example, numerous websites purporting to carry legitimate news about the missing MH370 sprung up on social media after the aircraft’s disappearance in March 2014. Computer security software company McAfee also announced in a statement that cyber-criminals are most likely to use Portugal’s football star Cristiano Ronaldo to lure visitors to web pages designed to infect them with malware.
As such, one should always exercise caution when clicking on email links with subject headings promising fast cash. As the adage goes, there is no such thing as a free lunch.
Always do periodic backup of your data
Having multiple layers of redundancy is one of the best insurance companies can possess in the face of a breach in the office network.
Every office should have two backup copies of their data, one over the cloud, and the other in a physical form. A routine should be established to back up important data, and practice restoration. After all, there is no point backing up your data if you have no clue how to restore it.
Have a data-protection service in place against cyber-attacks
Nothing beats a professional securing your office network and data. There are multiple security-solution companies available to customise the best protection for your office, such as McAfee, Kaspersky Lab or Websense.