Executive

CEO, Pierre Roberge
November 01, 2016

Improve Your Business IT Security Posture

As ISOs, CIOs, CSOs and CTOs, we need to secure our infrastructures, both online and physical. In today’s world, remote workers, subcontractors, phones and laptops are the core of many businesses. The physical protection of phones and computers is left to the users of the devices. All physical copies of documents and important secret information can easily be locked up in a safe at the office or even at home.

For the majority of startups and small and medium businesses, the risks mostly relate to phones and computers. Being in this situation myself with a background in IT security, I thought I would share some easy, low-cost tips and tricks for securing your IT devices.

Before taking action, we must first understand how we are exposed to hackers and thieves who could access our computers.

To make it easy, let’s divide the attack surface into three easy-to-remember categories:

  • The targeted malware, coming after you
  • The physical hardware loss or theft
  • The commodity malware, attacking the masses

First, let’s cover targeted malware.

Being hacked directly early on in the life of the business is unlikely. However, the risk of targeted malware grows as your business matures and starts disturbing your competitors’ market. The main reasons for this attack vector are:

  • Cyber criminals see you as a profitable target.

Example:

A group of criminals could target the finance department to gather all the information necessary to wire money out of your accounts. Many medium-sized businesses fall victim to such attacks and suffer significant losses that hurt their cash flow.

  • Cyber criminals are funded by your competitors to get information or to sabotage your business.
  • Your competitors might also get state-sponsored hacking support in parallel without even knowing about it. Corporate espionage is much more popular than most people expect.

Example:

A popular attack from competitors is to get copies of your business’s quotes in order to underbid you. Many CEOs and co-founders come to me and explain how they were targeted and hacked. Some are at risk because of international contract negotiations. When business owners share their story with us, it’s typically because they lost a contract unexpectedly and wondered what happened. They looked for internal traitors when in fact there were none; they were simply hacked. Their privacy had been breached.

Second, let’s discuss commodity malware.

Lately, commodity malware such as ransomware has picked up momentum. As you may already know, ransomware encrypts all existing files on your device and asks you for bitcoins in exchange for decrypting them. This type of attack targets the masses to infect as many hosts as possible. Such an attack significantly impacts business operations and carries financial costs to recover the encrypted files. The rising number of ransomware attacks motivates businesses to harden their IT security posture. Even large enterprises are suffering from ransomware attacks.

So, what is the simple way to improve your IT security posture? Backups!

  • Test your backups
  • Keep more than one backup
  • Don’t forget to encrypt your backups
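One way to act on the first two tips, as an added example rather than anything from the original post: record SHA-256 digests at backup time, then check each test restore against them and require at least two intact copies. It covers integrity only, not encryption; the function names, directory names and sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def manifest(root):
    """Map every file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        h = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def verify_restore(expected, restored_root):
    """Compare a test restore against the manifest recorded at backup time."""
    actual = manifest(restored_root)
    missing = sorted(set(expected) - set(actual))
    changed = sorted(k for k in expected if k in actual and actual[k] != expected[k])
    return {"ok": not missing and not changed, "missing": missing, "changed": changed}


def audit(expected, restores, minimum_good=2):
    """Verify each restored copy; pass only if enough independent copies are intact."""
    results = {name: verify_restore(expected, root) for name, root in restores.items()}
    good = sorted(name for name, r in results.items() if r["ok"])
    return {"results": results, "good": good, "pass": len(good) >= minimum_good}


def demo():
    """Constructed sample: one intact restore and one silently damaged restore."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        files = {"quotes/2016-q4.txt": b"bid: 120000\n", "finance/wire.txt": b"acct 0000\n"}
        for copy in ("source", "nas", "offsite"):
            for rel, data in files.items():
                target = tmp / copy / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        (tmp / "offsite" / "quotes/2016-q4.txt").write_bytes(b"bid: 12\n")  # corrupted
        (tmp / "offsite" / "finance/wire.txt").unlink()  # lost from the backup
        expected = manifest(tmp / "source")
        return audit(expected, {"nas": tmp / "nas", "offsite": tmp / "offsite"})


if __name__ == "__main__":
    print(demo())
```

Run against real restores, a failed audit means a backup exists on paper but cannot be relied on after a ransomware incident.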

Another popular kind of commodity malware is used to build and control botnets. Botnets are swarms of infected computers or Internet-connected devices. They are used to perform many tasks, the most popular being Distributed Denial of Service (DDoS) attacks. These types of commodity attacks are constantly rising in size and capacity. The most recent attack on Dyn is certainly proof of the potential damage that can be caused by DDoS.

Let’s cover the loss or theft of devices.

As more and more of our information is centralized on devices such as our phones and computers, losing them can mean an irreparable loss of personal and business data. Some IT security services offer features to wipe lost devices remotely. My advice would be not to rely on such features. Of all the devices that have been lost by or stolen from Arc4dia’s staff and clients, none has ever connected to the Internet, which is what would have allowed the remote wipe (erase all information) to be sent.

In my opinion, the only practical protection here is to have a good password and full disk (device) encryption. With the latter, you can expect that your device will have to be reset for usability, which will erase your documents, before it ends up being sold on the black market.

To sum up the protection against theft, good password + full disk (device) encryption.

Note

On an iPhone, disk encryption is always on. Simply set a strong PIN or password, combined with the wipe-on-too-many-failures option.

On Android, in most cases, you have to turn on device encryption in the settings. It also lacks the wipe-on-too-many-failures feature. You will need to install an app called Locker, or an equivalent, for this.


For the Mac, the disk encryption is easily turned on in the security settings.

https://support.apple.com/en-us/HT204837

On a Windows computer, disk encryption can be turned on in the security settings. However, it requires the Pro version or higher to enable BitLocker.

https://support.microsoft.com/en-us/instantanswers/e7d75dd2-29c2-16ac-f03d-20cfdf54202f/turn-on-device-encryption
