Senaca Shield Presents 10 Top Tip For Small Business Cyber Security



Similar documents
National Cyber Security Month 2015: Daily Security Awareness Tips

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

Stable and Secure Network Infrastructure Benchmarks

Don t Click That Link and other security tips. Laura Perry Jennifer Speegle Mike Trice

Cybersecurity Best Practices

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

10 Quick Tips to Mobile Security

Malware & Botnets. Botnets

NATIONAL CYBER SECURITY AWARENESS MONTH

How-To Guide: Cyber Security. Content Provided by

What Data? I m A Trucking Company!

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

EndUser Protection. Peter Skondro. Sophos

What Do You Mean My Cloud Data Isn t Secure?

Top tips for improved network security

Basic Computer Security Part 2

INFORMATION SECURITY FOR YOUR AGENCY

This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

How To Protect Your Data From Being Hacked

INFORMATION SECURITY BASICS. A computer security tutorial for Holyoke Community College

Safe Practices for Online Banking

Laptops, Tablets, Smartphones and HIPAA: An Action Plan to Protect your Practice

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

CYBER-SAFETY BASICS. A computer security tutorial for UC Davis students, faculty and staff

Cyber Self Assessment

Ibrahim Yusuf Presales Engineer at Sophos Smartphones and BYOD: what are the risks and how do you manage them?

Data Access Request Service

Why is a strong password important?

Internet threats: steps to security for your small business

IT Security DO s and DON Ts

Home WiFi & Networking: Best Practices

Secure Your Mobile Workplace

The SMB Cyber Security Survival Guide

Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security

Small businesses: What you need to know about cyber security

Windows Operating Systems. Basic Security

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

10 Smart Ideas for. Keeping Data Safe. From Hackers

Endpoint protection for physical and virtual desktops

Cyber Security. John Leek Chief Strategist

Small businesses: What you need to know about cyber security

Wireless Network Best Practices for General User

7 VITAL FACTS ABOUT HEALTHCARE BREACHES.

CYBER-SAFETY. A computer security tutorial for UC Davis students, faculty and staff

Chapter 15: Computer and Network Security

Why The Security You Bought Yesterday, Won t Save You Today

LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

SNOOPWALL FLASHLIGHT APPS THREAT ASSESSMENT REPORT

Section 12 MUST BE COMPLETED BY: 4/22

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Egress Switch Best Practice Security Guide V4.x

Enabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media

Kaspersky Security for Mobile

10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection. September 2011

Securing Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper

Hot Topics in IT Security PREP#28 May 1, David Woska, Ph.D. OCIO Security

PREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO

InsightCloud. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

Information Security Awareness Training. Course Outline. Provides a brief orientation to the topics covered in the module.

Keeping Data Safe. Patients, Research Subjects, and You

13 Ways Through A Firewall

Detailed Description about course module wise:

Cyber Essentials Scheme

Corporate Account Takeover (CATO) Risk Assessment

A Bring-Your-Own-Device (BYOD) Solution Brief

Protecting personally identifiable information: What data is at risk and what you can do about it

Cyber Security Best Practices

A practical guide to IT security

Transcription:

Senaca Shield Presents 10 Top Tip For Small Business Cyber Security Presented by Liam O Connor www.senacashield.com info@senacashield.com #Senacashield

Small businesses need cyber security too. This slide show touches on 10 of the top security best practices that small businesses should consider when protecting their network SENACA SHIELD [

1. Common Passwords are Bad Passwords Passwords are your first line of defense when it comes to security. Cybercriminals trying to break into your network will start their attack by trying the most common passwords. SplashData uncovered the 25 most common passwords and you may not believe what some people are using. Ensure your users are using long (over 8 characters), complex (include lower case, upper case, numbers and non alpha characters) passwords. The 25 Most Common Password (if you have one of these, change it NOW!) 1 password 2 123456 3 12345678 4 abc123 5 qwerty 6 monkey 7 letmein 8 dragon 9 111111 10 baseball 11 iloveyou 12 trustno1 13 1234567 14 sunshine 15 master 16 123123 17 welcome 18 shadow 19 ashley 20 football 21 jesus 22 michael 23 ninja 24 mustang 25 password1

2. Secure Every Entrance All it takes is one open door to allow a cybercriminal to enter your network. Just like you secure your home by locking the front door, the back door and all the windows, think about protecting your network in the same way. Consider all the ways someone could enter your network, then ensure that only authorized users can do so. Security Audits, pentest s to find the problem before a hacker does. Ensure strong passwords on laptops, smartphones, tablets, and WIFI access points separate from main network Use a Firewall with Threat Prevention to protect access to your network Secure your endpoints (laptops, desktops) with security software such as Anti-virus, Anti-SPAM Anti- Phishing and Encryption. Protect from a common attack method by instructing employees not to plug in unknown USB devices (BYOD)

3. Segment Your Network A way to protect your network is to separate your network into zones and protect the zones appropriately. One zone may be for critical work only, where another may be a guest zone where customers can surf the internet, but not access your work network. Segment your network and place more rigid security requirements where needed. Public facing web servers should not be allowed to access your internal network You may allow guest access, but do not allow guests on your internal network Consider separating your network according to various business functions (customer records, Finance, general employees)

4. Define, Educate and Enforce Policy Actually HAVE a security policy (many small businesses don t) and use your Threat Prevention device to its full capacity. Spend some time thinking about what applications you want to allow in your network and what apps you do NOT want to run in your network. Educate your employees on acceptable use of the company network. Make it official. Then enforce it where you can. Monitor for policy violations and excessive bandwidth use. Set up an Appropriate Use Policy for allowed/disallowed apps and websites Do not allow risky applications such as Bit Torrent or other Peer-to-Peer file sharing applications, which are very common methods of distributing malicious software Block TOR and other anonymizer s that seek to hide behavior or circumvent security Think about Social Media when developing policy

5. Be Socially Aware Social Media sites are a gold mind for cybercriminals looking to gain information on people, improving their success rate for attacks. Attacks such as phishing, spear phish or social engineering all start with collecting personal data on individuals. ( Barclay's Bank and Santander UK, Fine Gael website ) Educate employees to be cautious with sharing on social media sites, even in their personal accounts Let users know that cybercriminals build profiles of company employees to make phishing and social engineering attacks more successful Train employees on privacy settings on social media sites to protect their personal information Users should be careful of what they share, since cybercriminals could guess security answers (such as your dog s name) to reset passwords and gain access to accounts

6. Encrypt Everything One data breach could be devastating to your company or your reputation. Protect your data by encrypting sensitive data. And make it easy for your employees to do so. Ensure encryption is part of your corporate policy. Sleep easy if laptops are lost or stolen by ensuring company owned laptops have pre-boot encryption installed Buy hard drives and USB drives with encryption built in Use strong encryption on your wireless network (Consider WPA2 with AES encryption) Protect your data from eavesdroppers by encrypting wireless communication using VPN (Virtual Private Network)

7. Maintain your Network Like Your Car Your network, and all its connected components, should run like a well oiled machine. Regular maintenance will ensure it continues to roll along at peak performance and hit few speed bumps. Ensure Operating Systems of laptops and servers are updated (Windows Update s are managed on all Systems) Uninstall software that isn t needed so you don t have to check for regular updates (e.g. Java) Update browser, flash, Adobe and applications on your servers and laptops Turn on automatic updates where available; Chrome, Firefox, Adobe Use an Intrusion Prevention System (IPS) device

8. Cloud Caution Cloud storage and applications are all the rage. But be cautious. Any content that is moved to the cloud is no longer in your control. And cybercriminals are taking advantage of weaker security of some Cloud providers. When using the Cloud, assume content sent is no longer private Encrypt content before sending (including system backups) Check the security of your Cloud provider Don t use the same password everywhere, especially Cloud passwords

9. Don t Let Everyone Administrate Laptops can be accessed via user accounts or administrative accounts. Administrative access allows users much more freedom and power on their laptops, but that power moves to the cybercriminal if the administrator account is hacked. Don't allow employees to use a Windows account with Administrator privileges for day-to-day activities. Limiting employees to User Account access reduces the ability for malicious software (better known as malware) to do extensive damage at the "administrator" privileged level. Make it a habit to change default passwords on all devices, including laptops, servers, routers, gateways and network printers.

10. Address the BYOD Elephant in the Room Start by creating a Bring-Your-Own-Device policy. Many companies have avoided the topic, but it s a trend that continues to push forward. Don t avoid the elephant in the room! It comes back to educating the user. Consider allowing only guest access (internet only) for employee owned devices Enforce password locks on user owned devices Access sensitive information only through encrypted VPN Don t allow storage of sensitive information on personal devices (such as customer contacts or credit card information) Have a plan if an employee loses their device [

Thank you for watching! For a FREE consultation to discuss any concerns on your cyber security needs please contact Senaca Shield below info@senacashield.com 00353 45 408119 00353 861910200

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information