2.11.21 – CI- Joshua Liberman
As cybercriminals become more sophisticated, it’s good to go over the cybersecurity basics that cover the bases for your business.
Anyone who follows the news or social media knows how scary the security landscape is nowadays. The madness of 2020 and the “instant” Work from Anywhere lifestyle has only made this issue worse as our home machines are rarely as secure as those at work.
With all of this bad news out there, what is the good news? For the most part, it is that getting back to cybersecurity basics covers most of these concerns.
Here are some cybersecurity basics for business that will cover everything you’re concerned about in 2021:
Passwords. No matter how or where you connect, the truth is that most of us still rely on some very old technology as our primary defense, the password.
Of course, better passwords or passphrases help, but there will always be an inherent tradeoff between password complexity and ease of use. The first line of defense for most of us is a better (more complex) password that is unique to each login or web site.
Password complexity is complicated, but a good starting point is to create passwords of eight or more characters and are neither dictionary words nor obvious numbers.
Complex passwords have upper and lower case, numbers, and punctuation marks too.
Passphrases are even more secure. You can also create passwords from passphrases; NowistheTimeforStrongPassWords@2021 becomes “NitTfSPW@21.”
Multifactor Authentication (MFA). No matter how well you play the password game, a compromised password is a real threat, and that is where MFA comes in. Long available by SMS, authentication apps in phones, USB devices, and even biometrics (fingerprints, facial recognition, etc.) are here now.
And on the horizon is a new technology that may supplant passwords entirely by tying biometrics to MFA.
Protecting the “Endpoints.” No matter how or where you connect to or from, you are using what we call “endpoints” (your desktops, laptops, tablets, and phones). As the car guys say, that is where the rubber hits the road.
Most attacks are focused on endpoints and the users of those devices. That is why we have to focus on protecting these devices just as resolutely as the bad actors focus on finding and exploiting them.
And that again comes down to getting back to basics here by deploying endpoint detection and response, with a human factor as well.
The first line of defense is what I call “active endpoint protection” aka EDR (Endpoint Detection and Response). This is modern antivirus software that is not pattern file based, but instead analyzes behavior and recognizes malware as it attempts to enter the machine.
It is paired with “threat hunting” software that can detect evidence that something has penetrated those defenses. And finally, the human factor comes in.
Modern EDR software often includes a security operations center (SOC) watching over the endpoints, ready to pounce upon any indication of compromise at a moment’s notice.
Patching, Patching, Patching. All software requires frequent updating. We all know Windows Update, but few of us realize how many patches are out there; 616 Microsoft patches were released in the first half of 2020.
Windows Update does not include patches for third–party products such as Adobe, web browsers, and more. That is why most attacks still leverage issues that have been patched long ago.
One More Twist. Almost all of us are using Office 365 (now Microsoft 365) by now. With so much being done in M365 (OneDrive, Outlook, Sharepoint, Teams, and more), it makes sense to treat it as another endpoint.
Most of us have spam filtering, but with the explosive rise of phishing, dedicated phishing protection is critical too. You should also review your Microsoft 365 logs, looking out for anomalous behavior that might indicate a compromise.
That is why we use a SOC for our M365 accounts, protecting that online data just as if it were another endpoint on our network.
Is Backup Security? The quick answer here is yes. No matter how well you armor yourself, security experts will tell you it is not a matter of if, but when, you will experience an intrusion. That means that having “incident response” plans in place is a critical step.
Having truly comprehensive and reliable backup and business continuity is just one part of that plan, but it is a critical part. Frequent, secure backups that reside both locally and off-site, and automated verification of their integrity are key.
In today’s environment, comprehensive backup is security, and nothing less will do.
It All Comes Down to You. Now it gets really interesting. No matter what steps you take to protect yourselves, no matter how much you spend securing your business, if your people do not behave responsibly, you will lose this fight.
We all expect to be licensed to operate motor vehicles, operate heavy equipment and more, but nobody needs any formal training, much less certification to use a computer. At least not yet. I am not advocating for that here, but I am trying to point out that the harm to personal property and economic livelihood(s) that improper computer use can cause.
That puts the onus upon you to properly educate and continuously train your customers to behave responsibly around all things related to IT. This includes the (hopefully) obvious things such as using complex passwords and never sharing them between sites or other users, never clicking on links in unexpected emails, and being careful to safeguard all company and customer personal information at all times.
But this is much easier said than done. You can try to do this and all of the above on your own and you may even largely succeed. But the cost of potential failure is very high.
That is where the integrator comes in. This brief survey of what constitutes modern IT security today is only the tip of the iceberg. Getting this right is both critical and very difficult and that is why you need to be prepared as your customers guardian against cyberattacks. There are a lot of us that can do a lot of things on our own. But some things are too risky to leave to chance.
Joshua Liberman is president and founder of Net Sciences, Inc. He has been a member of The ASCII Group since 1996.