Nine Key Cybersecurity Tips from an Expert
Security is a fundamental practice within Loffler’s IT services. We help our clients succeed by helping them remain secure from malicious actors and loss of data.
In a recent conference call with some of Loffler’s team members, I provided nine cybersecurity tips that I’d like to see each one of our clients put into place.
These tips come with a couple of important disclaimers: First, it's not possible to be 100% secure. Secondly, these are intended to be a good starting point, not a complete and comprehensive list. But if you can do these nine things, you're going to be in pretty good shape from a security perspective.
Nine Key Cybersecurity Tips
My role at Loffler has me working with clients on their cybersecurity strategy and incident response plans. I also work with IT engineers and sales team members to design customized cybersecurity plans for our clients.
I wrote this list for our clients, but the advice offered within it can be applied to any organization. When used together, these tips work to strengthen a cybersecurity posture.
1. Conduct a Comprehensive Information Security Assessment
An information security assessment is designed to look at the administrative, physical and internal/external technical controls related to security in an organization. It will assess policies, building access, data backups, firewalls and, basically, every component that can contribute to whether your organization is secure. There are variations on how this assessment is offered, with several options at different price points, ranging from a free self-assessment to a full consulting engagement. Loffler can work with you to find an option that best meets your needs and your budget.
Once completed, that assessment will provide a score and give a clear understanding of your security strengths and weaknesses. You can use that understanding to begin creating policies.
2. Create Required Policies
Coming out of that assessment, you should create the required policies based on the findings and recommendations. Prioritize recommendations according to what you’re able to do, the level of effort required to solve problems and ultimately what will increase your ability to keep your systems secure. Think of it as an action plan from the assessment.
If an organization is just getting started in cybersecurity and has no current policies to speak of, Loffler can get involved with a policy quick-start, where we write five policies for them and they can take it from there. Or they can involve us to write the rest of their needed security policies.
3. Conduct an Annual Vulnerability Scan
It's easy to fall into a mentality of "we've always done it this way, so why would we change?" To counteract that, a vulnerability scan will show an organization what changes it should make.
This came up in a recent incident response, where an organization had vulnerabilities exposed through its firewalls. This is absolutely something that would have been caught by a vulnerability scan. No matter how good those firewalls are, and no matter how good the people who configure them are, human error can happen.
A vulnerability scan should be conducted at least annually. Our industry recommends scanning monthly or quarterly, but at the very least an annual assessment of vulnerabilities is needed.
4. Have Effective Firewalls and Endpoint Protection; Review Logs at Least Weekly
Good firewalls are a must, as is taking advantage of advanced firewall services like intrusion detection, gateway anti-virus and content filtering. You also want to ensure your endpoint protection is up to date. No matter how effectively you implement these technologies, it is also important to review the logs in case something is missed.
Keeping up with these regular updates isn't manageable for many organizations. This is where our Managed IT Services team can help. They ensure security on a regular basis, making sure endpoint protection is up to date, devices are patched and so forth.
5. Enable Multi-Factor Authentication (MFA) for VPN, Office 365 and Other Systems
This tip could arguably have been number one on this list because of how important it is. Given how many organizations are compromised through malicious email, MFA is one of the controls that stops malicious actors in their tracks. If MFA is in place, you will likely reduce the risk of an attack through email by 90+%. MFA is an absolute must.
6. Implement Automated Systems and Services for Log Aggregation and Detection
Have a system or service in place that will automatically detect whether a malicious actor has made their way into your environment. This means a system where event logs are monitored continuously, with unusual and suspicious events flagged and investigated further. Larger organizations will have a SOC (Security Operations Center) in place to handle this kind of work. For smaller organizations, managed detection and response services can watch your systems for you.
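To make tips 4 and 6 concrete, here is an added example of the kind of log review those tips describe. It is not Loffler's tooling and not code from this article; the log lines are constructed in a simplified syslog-like format, and the thresholds (five authentication failures in five minutes, ten distinct denied ports) are assumptions chosen for illustration. It parses the lines, then flags two patterns a weekly log review or a continuous monitoring service would call out: a burst of VPN login failures from one address followed by a success, and an internal host that was denied to many different ports on one destination.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real logs): "<timestamp> <source> <event> key=value ..."
SAMPLE_LOGS = """\
2024-03-04T08:00:01 vpn auth_fail user=jsmith src=203.0.113.7
2024-03-04T08:00:04 vpn auth_fail user=jsmith src=203.0.113.7
2024-03-04T08:00:09 vpn auth_fail user=jsmith src=203.0.113.7
2024-03-04T08:00:15 vpn auth_fail user=jsmith src=203.0.113.7
2024-03-04T08:00:20 vpn auth_fail user=jsmith src=203.0.113.7
2024-03-04T08:00:31 vpn auth_ok user=jsmith src=203.0.113.7
2024-03-04T08:05:00 vpn auth_ok user=alee src=198.51.100.22
2024-03-04T09:10:00 fw deny src=10.0.0.5 dst=192.0.2.9 dport=445
2024-03-04T09:10:01 fw deny src=10.0.0.5 dst=192.0.2.9 dport=3389
2024-03-04T09:10:02 fw deny src=10.0.0.5 dst=192.0.2.9 dport=22
2024-03-04T09:10:03 fw deny src=10.0.0.5 dst=192.0.2.9 dport=23
2024-03-04T09:10:04 fw deny src=10.0.0.5 dst=192.0.2.9 dport=135
2024-03-04T09:10:05 fw deny src=10.0.0.5 dst=192.0.2.9 dport=139
2024-03-04T09:10:06 fw deny src=10.0.0.5 dst=192.0.2.9 dport=8080
2024-03-04T09:10:07 fw deny src=10.0.0.5 dst=192.0.2.9 dport=5900
2024-03-04T09:10:08 fw deny src=10.0.0.5 dst=192.0.2.9 dport=1433
2024-03-04T09:10:09 fw deny src=10.0.0.5 dst=192.0.2.9 dport=3306
2024-03-04T09:30:00 fw deny src=10.0.0.8 dst=192.0.2.9 dport=443
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<source>\w+) (?P<event>\w+)(?P<kv>(?: \w+=\S+)*)$")


def parse_line(line):
    """Parse one line of the assumed format into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    fields = dict(pair.split("=", 1) for pair in m.group("kv").split())
    return {"ts": datetime.fromisoformat(m.group("ts")), "source": m.group("source"),
            "event": m.group("event"), **fields}


def detect_auth_bursts(events, threshold=5, window=timedelta(minutes=5)):
    """Flag a source address with >= threshold auth_fail events inside `window`.
    A successful login after such a burst is recorded so an analyst can prioritise it."""
    by_src = defaultdict(list)
    for e in events:
        if e["event"] in ("auth_fail", "auth_ok") and "src" in e:
            by_src[e["src"]].append(e)
    findings = []
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["event"] == "auth_fail"]
        for i in range(len(fails)):
            j = i
            while j < len(fails) and fails[j]["ts"] - fails[i]["ts"] <= window:
                j += 1
            if j - i >= threshold:
                last_fail = fails[j - 1]["ts"]
                success_after = any(e["event"] == "auth_ok" and e["ts"] > last_fail for e in evs)
                findings.append({"rule": "auth_burst", "src": src, "failures": j - i,
                                 "users": sorted({e.get("user", "?") for e in fails[i:j]}),
                                 "success_after": success_after})
                break  # one finding per source is enough for the review
    return findings


def detect_port_sweeps(events, threshold=10):
    """Flag a (src, dst) pair denied by the firewall on >= threshold distinct destination ports."""
    ports = defaultdict(set)
    for e in events:
        if e["source"] == "fw" and e["event"] == "deny" and "dport" in e:
            ports[(e["src"], e["dst"])].add(e["dport"])
    return [{"rule": "port_sweep", "src": src, "dst": dst, "distinct_ports": len(p)}
            for (src, dst), p in ports.items() if len(p) >= threshold]


def review(log_text):
    """Run both detections over the log text and return the findings to investigate."""
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    return detect_auth_bursts(events) + detect_port_sweeps(events)


if __name__ == "__main__":
    for finding in review(SAMPLE_LOGS):
        print(finding)
```

Each finding is a record to investigate, not a verdict: the login burst may be a user mistyping a password, and the port denials may be a misconfigured scanner, but both are exactly the "stand-out" events a log review exists to surface, and the same rules can run continuously on a stream of lines rather than once a week on a file.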
7. Regularly Audit All Policies and Controls at Least Annually
At this point in the list, we need a tip that calls for a regular review of the cybersecurity strategy you have in place. It is essential to keep the big picture in mind: What policies exist currently? What controls (again, the technical, administrative and physical controls from above) do you have in place? What are you missing? How effective are they? Do people understand them? Are they following them? All policies and controls should be reviewed at least annually.
8. Create a Written Incident Response Policy
A written incident response policy should exist for every organization. This is a document that outlines the steps to take when a cybersecurity incident occurs in your organization. You don't want to be in the middle of an incident having to guess what to do next. An additional piece of advice: be sure the policy is kept in an easily accessible place.
9. Have Current Asset Inventory and Network Diagrams
A current asset inventory and network diagrams are fundamental to being able to react and evaluate the impact of a cybersecurity event. They will help effectively and quickly communicate the organization of your network and assets to all parties that may become involved in responding to a cybersecurity incident.
It's important not only to know where the ingress and egress points are on the network, but also to have that documented so the knowledge can be shared.
Do these nine things, and you'll be better prepared for the modern cybersecurity threats we see on a day-to-day basis.
Some of these tips cover the big picture of planning and assessing. Others focus on technical needs of cybersecurity. Loffler’s IT Solutions Group can help with cybersecurity in organizations large and small. Contact us to start a cybersecurity conversation today.
Randy is a CISSP and Manager of the Cybersecurity and IT Consulting teams at Loffler Companies. He is currently focused on bringing his 25+ years of IT experience to bear on the development and delivery of new and enhanced security services that provide a practical approach to IT security. He enjoys long walks on the beach and never conducts online banking transactions when connected to public WiFi.