The last thing you want is to have to call your clients and tell them that you have had a security breach that compromised their personal information, but this is happening with increased frequency. This is happening in spite the growth of highly sophisticated security methods and technologies and results in loss of client trust, negative public relations, financial loss, and even the shutting down of an entire operation. Often, and particularly in small to mid-sized businesses, this is because a company simply has not instituted basic security practices.
If you are a small to mid-sized business, your network security should begin with a qualified managed IT support company. Why? Given the complexity of today’s IT world, there is simply no way that a company of this size, with a small in-house IT team (or none at all), can possibly keep up with the daily threats it will have to ward off. The installation of anti-malware software, firewalls, etc., can be accomplished in-house if your team has the proper training, but the right Managed IT service company with monitor, manage and maintain these and other protections 24 x 7 x 365, dealing with small problems before they become major ones. They can also be retained on a co-sourced (co-managed) basis to augment your own people.
While we recognize that there is no one-size-fits-all prescription for keeping networks and data secure, it is important to understand that proper network security requires a layered approach, which we laid out is some detail in our white paper: Cyber Security 2017, which is very much an important read today in early 2018 (the 12 Layers begin on page 5). We also believe that in today’s world, this layering approach applies to data backup. For example, for many years, the most sophisticated backup approach was the use of a set of magnetic tapes. While tapes may still be considered part of an effective a layered approach. It should be tied in with both on-site and off-site backups. Over the years, we have seen cases of tapes that weren’t secured, or failed, or (more frequently) weren’t updated when they should have been.
Some of the protections that need to be considered:
Your data also should consider protection using multifactor authentication, such as entering a unique password, then a code received on a mobile device. This is particularly effective in warding off password breaches and what are called brute force attacks, during which the attacker will used complex algorithms to try and break through by repeatedly trying many thousands of different potential passwords.
Email is one of the most vulnerable touch points in most organizations, but not only do many firms lack reliable email continuity and archiving for compliance, eDiscovery subpoenas and other needs, but they also have not implemented email security measures to effectively thwart cyber-attacks. To help prevent an email catastrophe in any business, DynaSis provides its Unified Email Management (UEM) solution, a secure email gateway that examines every email.
Mobile devices are ubiquitous and most employers today have accepted the fact that their employees are going to be suing their own devices (smartphones, tablets, laptops) for work. Simply put, this presents a security problem that requires sophisticated Mobile Device Management system and at DynaSis, we use what we (and many others) consider to be the best system available.
Network security is a major undertaking that needs to be taken seriously. Here at Novatech, we have been doing just that since 1992. Give us a call today and we can discuss how we can work with you either on a full managed IT support basis, or a co-sourced basis with your in-house team. 770.569.4600