What role will your business play in the next large-scale cyber-attack? Victor or victim?
It’s on desktops, laptops, and tablets that you’re most exposed to cyber threats. Symantec reported that 91% of all cyber-attacks begin with an email, and a 2019 Verizon investigation found that 30% of all data breaches occurred on a user device.
We recently onboarded a 30-man media company and discovered, in less than an hour, more than 50 critical security issues on their desktop environment. These issues included misconfigured antivirus products, unsupported Windows releases, critical vulnerabilities, failed updates, disabled security controls, and outdated virus definitions.
Their business has grown quickly and doesn’t yet have any dedicated IT resources, which explains why their desktops were generally in poor shape. The ugly truth is that small businesses are forced to rely on ad-hoc, reactive IT support with zero day-to-day maintenance, or submit to expensive agreements with opaque managed service providers.
It doesn’t end with security. Our service also identified 16 performance enhancement opportunities for the customer, of which 12 are currently being actioned (much to our delight!), including hardware upgrades and operating system configuration changes.
So, what can you do to reduce the chances of becoming one of the next victims?
- Ensure you install the latest Windows updates as soon as possible.
- Check that your antivirus product is enabled and includes real-time protection. Windows Defender is a brilliant, free, and native antivirus product for Windows devices.
- Enable User Account Control, a free Windows feature that reduces the risk of malware gaining system-wide access.
- Enable BitLocker drive encryption to prevent a data breach if your device is lost or stolen.
- Backup your files, so you’re always able to recover from ransomware (a type of attack that encrypts your files and offers to decrypt them in return for payment).
- Run a compliance scan on your device using an up-to-date benchmark to identify system configuration weaknesses and opportunities for security enhancement.
- Make sure the Windows Firewall is enabled, it will block all incoming traffic except for traffic that is in response to something you’ve requested.
- Uninstall any software you don’t use and keep updating those that you do.
- Check the status of your security products, backups and updates every morning before you start working.
- Never trust any email you receive, even if it’s from someone you know. Always assume attachments are malicious and scan them prior opening. Never open an attachment if you weren’t expecting to receive one.
- Avoid changing your passwords often. Instead consider using one long and complex password, supported by multi-factor authentication.
If you want to know more about any of these tips, or how nodepatrol.com can help you protect your organisation by simplifying security and increasing transparency, please visit our friendly team at stand B1422!