Introduction
As reported by our gladiators earlier this quarter, ransomware and cyberattacks have been reaching record highs, and it’s important that local businesses act immediately to secure their IT infrastructure and online services.
A highly complex password and multi-factor authentication are now just basic security measures all businesses should have in place.
Here are the three items you need to enforce across all of your business devices and IT services:
Conditional Access
Enforcement of strict cyber security policies in the Microsoft environment is now commonplace. This includes conditional access, which can be managed by your IT provider of choice.
In simple terms, conditional access is a policy that allows business-approved devices to access company data and cloud services.
In the past, conditional access was limited to only highly secure business networks; however, the ease of implementation and the ability to pre-approve personal cell phone devices using services such as Microsoft’s Intune company portal service allow any size business to become super secure and keep the bad actors out of your network.
Zero Trust Applications
Similar to conditional access, a zero-trust application policy does the same thing but for software; restricting all applications from loading and installing unless it’s on a pre-approved IT list. This is one of the most effective ways to stop viruses and ransomware in your business network, as nothing is allowed to load on your computer/laptop unless it’s on the application white list.
When a new app or software is downloaded and required, it’s just a case of logging a ticket with the IT helpdesk and going through the approval process for installation.
Monitoring of Login Locations
Finally, we come to location monitoring.
Most online services, such as Microsoft 365, now offer reports on where your staff are logging in based on their “IP” address.
Cybersecurity experts will probably not be surprised by global attack traffic in the last quarter of 2021, 41 per cent originating in China, citing, among other things, a “sophisticated hacker network.”
- China 41 % (of the world’s attack traffic)
- U.S. 10 %
- Turkey 4.7 %
- Russia 4.3 %
- Taiwan 3.7 %
- Brazil 3.3 %
- Romania 2.8 %
- India 2.3 %
- Italy 1.6 %
- Hungary 1.4 %
Monitoring on a weekly basis where staff logins are occurring can help pinpoint potential anomalies and help inform when a potential account has been compromised.
It is prudent to inform staff that login locations are being monitored since this service can cause issues with remote workers, depending on if they’re regularly traveling.
If you are uncertain about your current IT infrastructure and online services and want peace of mind that they are indeed secure and following these best practices, then get in touch with us for a consultation.
Get in touch with us
Secutor Cybersecurity is a trusted partner comprised of industry leading experts in the fields of Cybersecurity and Governance, Risk and Compliance. We partner with our clients to deliver on-demand solutions tailored to expertly navigate the regulatory demands of their specific industries.
Our proven track record of successfully exceeding client expectations is achieved through the combination of our methodical approach, advanced technologies, subject matter experts, and synergy with client team members.
Secutor is your team of world-class problem solvers with vast expertise and experience delivering complete solutions keeping your organization protected, audit-ready, and running smoothly.