Minimizing Cybersecurity Risks, Part 3: IT Centralization/Corporate
Regardless of how you manage the organization, there must be central direction and oversight for effective cybersecurity. Key IT functions must be performed to safeguard the organization and should be led from “the top” and managed centrally.
Managed Detection and Response
Manage endpoints with around-the-clock monitoring and a detection and response capability, employing a security operations center. This includes viewing, synthesizing, and prioritizing issues in real time with a Security Information and Event Management (SIEM) tool. AaDya provides a solution for small business. A SIEM takes logs from devices such as firewalls, switches, operating systems, and any other network device that does logging, and puts them in one location.
Backups
Back up your cloud data. There are too many options to describe how to do this. Do not use local workstations for storing critical data unless it is required. AvePoint and Veeam are some of the many top providers.
Application Whitelisting
Application whitelisting allows only the software you have approved to run inside your environment. ThreatLocker is a solution for small business. This is fundamental to any security program.
Advanced Threat Protection for Email
This is software that is offered with Microsoft's plans and is part of the Microsoft Defender ecosystem. If you are not using Microsoft, there are other tools that do the same, such as Proofpoint or Mimecast.
Browser Isolation
Computers that connect to the internet open the door to malicious actors accessing your services and data. Browser isolation sets up a separate environment by running your browser in a controlled container away from your computer. This protects your computers from malicious code that would otherwise run on them and try to execute commands that compromise your infrastructure and/or data. Cloudflare Teams* and Authentic8 are tools that can be used by virtual and small businesses. *Note – Cloudflare Teams also includes Cloud Access Security Broker, Secure Web Gateway and more.
Cloud Access Security
There are products/solutions, called Cloud Access Security Brokers (CASB), that provide central data authentication and encryption hubs. They span your on-premises and cloud services (applications you use in the cloud) for all of your endpoints. Cloudflare Teams, Microsoft, and many others offer this service.
Assessment and Implementation
An assessment will inform you of your gaps and what needs to be closed. It's Just Results has an online assessment solution that accelerates the process of understanding your current capabilities and gives you an online implementation plan that can be easily deployed and moves you away from spreadsheets.
Software Patching Tools
Use automated software patching tools. Have a way to not only patch the operating systems, but also patch all the software you use. NinjaRMM and PDQ.com are examples.
Penetration Test
Test your business environment for vulnerabilities. Evaluate your web site for exploitable weaknesses that would allow a hacker to steal client credentials. Confirm that your network (firewalls, servers and computers) is patched. Conduct phishing and social engineering tests to make sure your staff is trained.
Conduct Inventories
Knowing what hardware, software, and applications you are using tells you which assets need protecting. You can use paper inventories or simple free tools to gather this information. Belarc Manage and NinjaRMM are both good. There are others, such as Spiceworks or Open-AudIT. All help with capturing and managing asset inventory information for hardware and software.
Check out our previous posts on minimizing security risks in the user experience and top-down management strategies.
This is a 3-part series on minimizing security risks. For personalized support digging deeper and prioritizing steps for your organization, please reach out to It’s Just Results CEO, Gustav Plato, on our website at Schedule a Consultation Now.