According to the government’s 2017 Cyber Security Breaches Survey, 46% of businesses experienced a cyber attack in the 12 months from 2016 – 2017. Cyber security is a serious concern for every business now and is likely to be a priority for your customers. So how can you help them to achieve it?
1. Ensure network security
Each time a business network is connected to an outside source (for example, the internet), this creates a potential vulnerability for a client business. Careful protections need to be established, from firewalls to filtering and monitoring traffic to look for signs of attack.
2. Risk assessment and risk management
Being aware of the risks to their business and having a plan in place to mitigate those risks will be crucial for your customer. Cyber security risk assessment is as important as financial or operational risk assessment and should be communicated throughout an organisation.
3. IT system configuration, management and use
A streamlined IT infrastructure, where unnecessary functionality has been removed or disabled, and which is kept up to date and patched against vulnerabilities, will be crucial to client cyber security. This requires a secure foundation infrastructure, as well as watertight IT policies.
4. Restricted access
Your client’s staff need only be given user access to the parts of the system that they require to do their jobs. Access does not need to be provided across the board, and access to different types of accounts (e.g. for high-risk or day-to-day user activities) should be kept separate to provide an extra layer of security.
5. The human factor
The people within any organisation are its greatest defence against cyber attacks and also its greatest vulnerability. That’s why it’s crucial for your clients to invest in educating staff about the potential risks, training them in how to use their IT systems and ensuring that the consequences of poor IT security are written into employment conditions.
6. Monitoring enables a swift response
Some security breaches go undetected for days or even months, allowing cyber criminals to do untold damage. Setting up monitoring on an ongoing basis will allow your clients to notify and act at the first sign of trouble.
7. Disaster recovery could save the day
For many businesses, a cyber attack is a question of “when”, not “if”. A disaster recovery strategy will be essential for your clients, in terms of speed of recovery, restricting damage and preventing extensive business downtime. It’s important that a disaster recovery plan is regularly tested and that all who may need to use it are aware of it.
8. Malware protection
Once inside a system, malware can do serious damage, and it doesn’t take much to let it in. It’s important for your clients to set out in IT policies where the risks lie with malware so that staff are fully aware. Scanning and blocking technology will also be a crucial layer of protection.
BYOD (bring your own device) and flexible working present significant threats to business networks. It’s key for clients to protect internal networks by training staff who will be externally connecting to the business network, restricting access and creating sound policies to govern use.
Removable media can also cause problems for client business networks. Best practice requires that any removable media is scanned for malware and that the use of this type of media is limited wherever possible.
We provide expert IT services for businesses looking to ensure their clients’ experience is both exceptional and secure. Contact us to find out what we could offer to your clients.