We are at the start of what could be a cyberwar which is making people and businesses uneasy. Everywhere we turn we’re bombarded with new hacks being done by foreign countries. As individuals we have little to nothing to fear; however, as business owners I believe we should be paying more attention to network level security at our firms. Recent incidents could have been prevented by taking a few simple steps.
Equipment connected to a network should be up to date and modern. Russians weren’t the first to hack our electrical grid. Several years ago China supposedly hacked the grid and before that it was a private group. I work with organizations that manage our utilities and am always servicing antiquated equipment from the late 90’s and early 2000’s.
Computers and devices are only as secure as the passwords and firewall settings we employ. Passwords should be at least eight characters including symbols, numbers and capitals. Hardware level firewalls should be installed that require higher level security before a connection is established.
Administrative privileges should be limited. Account permissions are rarely utilized and everyone in an organization is usually granted admin rights. Because the easiest way to gain access to a network is exploiting passwords, anyone who is able to figure out a password has immediate administrative rights to the network.
Encrypt everything. I know that sounds like overkill, but the connections between devices and the data should always be encrypted. I worked with a company last year that encrypted the connection but not the data. I was able to open their proprietary files with my laptop and basic text editing software.
Do not allow outside equipment to be connected to your network. All it takes is one device with a malicious utility to hack an entire network. Even though BYOE is currently en vogue, employees and visitors should not have the ability to connect their own equipment. Think of this as giving a thief the keys to your front door.
Turn off internet for those who don’t need it and limit access to certain websites. Reduce your internet footprint and employ rules for how business machines connect to the internet. Not all computers need to be connected to the internet and employees don’t necessarily need unrestricted access.
Move off the grid entirely. It may sound farfetched, but I have a customer who doesn’t connect any of their business network and computers on the internet. Rather, they have two separate networks that don’t communicate. There’s absolutely no way to gain access to that company’s data remotely.
Preventing cyber attacks really is possible with a little foresight. Even if the information your business generates isn’t worthy enough for WikiLeaks, losing it may be debilitating. The idea of a cyberwar isn’t too farfetched considering the news lately, it’s too bad our president elect doesn’t agree.
(Jeromy Patriquin is the President of Laptop & Computer Repair, Inc. located at 509 Main St. in Gardner. You can read past articles at www.LocalComputerWiz.com.)