With all the changes and challenges that 2020 brought, the IT sector, too, didn’t remain unaffected. Last year was certainly a tough one for IT teams all across the globe with the sudden need to transition to remote work and work management. 2020 also saw the SolarWinds cyberattack, one of the worst cyberattacks in the U.S. that hit the Department of Homeland Security as well as a big number of other U.S. agencies and also many private companies. To add to that, highly dangerous vulnerabilities such as the ProxyLogon Microsoft Exchange one are still out there, ready to be exploited by cybercriminals. On top of everything, IT teams are currently overwhelmed by different tasks and challenges caused by the ever-evolving situation with the world pandemic that requires them to constantly adapt to each new change in the status-quo. Unfortunately, this often results in cybersecurity getting sidelined by more pressing and current matters which, in turn, paves the way for increasingly brass and numerous hacker attacks.
With all that put into perspective, one thing becomes clear is that companies and their IT teams need to find the time and resources to re-focus their efforts towards boosting the cyber-security of their operations. The attackers don’t care about the current situation and, if anything, it makes them even more eager to attempt to breach the security of their potential victims. That is why there should be no compromise with security or else the consequences could be particularly dire.
Our main goal throughout the rest of this post is to go over a couple of basic, yet incredibly important, security tips that, when implemented correctly, can drastically improve the security levels of a company’s network and lower the chances of successful hacker attacks.
Prioritize Security; Adapt a Zero-Trust Policy
Though there are tons of advanced malware out there that can automatically, and without any symptoms, breach a system and gain access to its most settings and data, practice shows that the most common reason why systems get successfully infected are small, trivial mistakes that could have easily been avoided.
For that reason, the first step towards providing your company with a stronger cyber-security is to start with the basics: Adopting a security-first approach, making an honest assessment of the current state of the infrastructure of your company or organization, and making its security a top priority is where it should all start. This will allow you to identify the various flaws in infrastructure’s security, prioritize them based on how serious they are, and then address them with adequate measures.
An example of a potentially serious security flaw that must be addressed by IT teams is the level of access that the employees and even executives have to sensitive data. One of – if not the – biggest reason whole company networks get compromised is human error. Even if a system is protected by state-of-the-art security software, if a user with access to sensitive data makes the mistake of clicking on or downloading the wrong thing, there’s always a chance that said data could become exposed to cybercriminals. Therefore, IT specialists working for companies and organizations need to carefully assess the need for different levels and groups of employees within the company/organization hierarchy to have access to sensitive data. It is generally advisable to give access to such data only to those who absolutely need it in order to perform their tasks and this includes executive members. Of course, all of this needs to be properly coordinated with the company management and/or shareholders for the measures to be effective.
On the topic of access to sensitive data, another often overlooked measure is the implementation of two-factor authentication. Many companies and IT teams don’t see this as a necessity but considering how common key-logging and phishing malware is at the moment, a single-factor authentication is no longer as secure as it may have been years ago.
The Importance of Security Patches
The next common flaw that many companies’ infrastructures have is a lack of prioritization of security patching. No software is perfect and cybercriminals are always on the lookout for any imperfections that they could exploit and use to infiltrate a system. It is therefore essential that newly-found flaws are fixed ASAP, before a hacker identifies them and tries to take advantage of them.
Statistics show that approximately 60% of attacks are due to vulnerabilities that have remained unpatched. For that reason alone, regular patching of newly-discovered vulnerabilities should be a priority of IT security teams as it could go a long way towards preventing data breaches and keeping the company/organizaiton’s infrastructure protected.
Of course, it is understandable why many firms’ IT specialists may have been neglecting this practice during the past year due to the pressing need to spend their effort, time, and resources on making the company’s remote operation possible. Still, as we said at the beginning, cybercriminals are always on the hunt for the next easy target and so the importance of maintaining strong virtual security should not be overlooked.
Something that’s also important to note here is that companies using internally-developed programs, apps, and other software must make sure that the software is properly documented and that all the information about its code is available to the IT team. This could greatly increase the speed at which the IT specialists are able to identify and patch out any potential vulnerabilities in the software.
Automation Can Make Things Easier
If your organization has already taken care of the first two important practices, and it now has a proper security-oriented infrastructure that receives regular updates to patch out vulnerabilities, it might be time to consider streamlining the work of your IT team and taking off their backs some of the workload that can be automated so that the team’s efforts would be better spent on tasks that require more critical thinking and improvisation.
One example of this would be to use automation for prioritizing and managing patches – a task that’s typically tedious and dull. If this is done automatically, by a specialized software, this will save a lot of time and allow the IT specialists to focus on other tasks that are more dependent on human interaction.
Of course, this is not to say that an organizaiton should aim to make as many aspects of its IT management automated – there are obviously those tasks that are better left to the experts. Automation should be applied in a controlled manner and only after other, more fundamental things, such as the practices we mentioned in the previous two sections, have been taken care of.
The Importance of the Fundamentals
Times are obviously tough and many organizations, companies, and other entities are struggling to keep up with the ever-changing situation, so it is understandable if many see things such a cybersecurity as a luxury that they cannot afford. However, as bleak as this may sound, things can always be worse, and one of the ways things could get worse is if a hacker who cares little for the every-day efforts of people decides to compromise the network of a company and wreak havoc in it. This is why now, more than ever, with our increasing dependency on technology and remote communication and work, organizations and their IT teams should strive to provide the best protection they can, given the circumstances, to their infrastructures.
The good news is that this may not be as complicated or as insurmountable a task as it may initially seem. Often it is all about the basics and fundamentals – making some organizational changes to protect valuable data, making sure that people working at the organization are well aware of the different dangers and pitfalls of the Internet so that they know how to avoid them, not postponing important security patches to give the hackers no opportunity to infiltrate the network. Those are all fundamental aspects of cybersecurity that can go a long way towards keeping a company’s operation safe from cybercriminals.