When winter comes, two quality blankets layered on the couch are better than one. The same is true with cybersecurity. Be sure that you have used a layered approach to cybersecurity strategy – include people, technology, and operations in your planning for best results. If one safeguard fails, there should always be a backup plan. Be sure to layer multiple solutions as you develop a cybersecurity strategy.
First Steps
The topics we have discussed so far in our Back to Basics series all apply when you layer your cybersecurity solutions. These include the use of human resources, creating an operations plan, and using cybersecurity safety practices. Take a look at these tips if you are just getting started.
Set Up & Test Backups
Ransomware victims who experience the greatest impact usually had no backups or incomplete backups. It is extremely important to set up a backup system, and to test it. If the system processes and storage can accommodate frequent (daily) backups, these are ideal. This will ensure that your data is still available in the event of a ransomware or malware attack.
In your Incident Response plan, you should also include a data restoration plan. Know who is responsible for restoration, what steps should be taken, and approximately how long they will take.
Next Steps
If you’re ready to make some changes for the BEST possible security posture, CISA has a few more suggestions.
Move to cloud storage. Host all of your email and file storage on a secure cloud server when possible. These services are built for security and maintained by extensively trained security engineers.
Use secure endpoints/devices. Chromebooks and iOS devices are designed for security, and use of these will decrease the attack surface.
Consider FIDO, an enhanced form of MFA that is “designed from the ground up to protect user privacy. The protocols do not provide information that can be used by different online services to collaborate and track a user across the services.” (More here on the FIDO Alliance website.)
Keep Going
Keep working on this! A good cybersecurity strategy takes time and effort. We know you can do it, and you will never be sorry that you invested time in this.
Stay tuned for more of the Back to Basics series. Using CISA’s Action Plan for Small Business, we’re offering the latest in cybersecurity best practices.
We at StandardUser Cybersecurity are on a mission to share cybersecurity and cyber safety education with everyone, to make our world a better place. Are you with us? How can we help? Let us know today.
Whatever your cybersecurity challenge, we can help you keep your business running. We are a defensive and offensive cybersecurity company, using over 30 years of experience with active commercial and government work and proven security methodologies. We also educate teams and professionals who want to build on their skills. Occasionally we communicate with cybersecurity memes.
We set the standard for cybersecurity excellence.
Comments