I’ve been asked this question so many times and continue to get asked. Lately, existing clients that we do regular maintenance for have been asking, “Are we doing enough?” and “Are we doing everything we can to protect ourselves against hacker threats?”
The short answer in my professional opinion is “yes, you can always do more and no, it is never enough.” I know that wasn’t very helpful but it’s the truth. I will explain some of the many options you have in order from basic to more advanced where you will need help.
Although it’s been an issue for years now, the news is picking up on hacker attacks more lately and scaring people into taking action. The threats were always there and will always be here. It will be an ongoing battle and you need to learn how to be safe and protect yourself as best as possible within your budget. The more time and money you spend the better your security. How much is your data worth? Here’s the list with links to more info.
- Anti-virus protection: As basic as it sounds, most people install it and forget about it, and never check whether their anti-virus program is still installed, updating and scanning regularly. With managed virus protection such as AVG CloudCare, your IT person monitors your protection for you.
- Windows updates: Another basic thing that most people assume works automatically and it should. Check and make sure it’s running and installing updates as it should.
- Remove outdated software that is no longer used. Update outdated software you still need, and replace non-supported software with different programs that will be supported. If a program is not supported and updated, it has vulnerabilities that hackers can attack.
- Be careful what you click. Whatever security protection you have in place, you can completely undo it by letting someone into your computer because you clicked a link you shouldn’t have or fell for a scare tactic online, and there are many of those.
- Being on a regular preventive maintenance program will help you with the first three items above and more, but it’s up to you to control point #4 above (being careful what you click). If you’re running a business, get on a maintenance plan.
- Change your passwords regularly, and change them drastically. Also don’t use the same password for everything. If a hacker figured out your password and it is used for everything, they have access to everything.
- Hacking isn’t always what you think. It could be as simple as leaving your laptop unattended and someone stealing it; they then have access to your data. There are two big things you can do in advance for this.
  - Set a BIOS password. Windows passwords can be easily hacked; I do it all the time for people that forgot their password or got locked out by a hacker. CAUTION!!! If you set the password on the BIOS level, you can’t forget it; there is no resetting it easily. You’ll prevent hackers from turning on your computer, but you can also lock yourself out, and then the computer becomes a brick.
  - If the hacker just wants to get access to your data, the BIOS password won’t stop them. They can pull the hard drive out of your laptop, connect it to their computer with a USB cable and copy the data. In this case you will want to encrypt your data. Although they might see your list of files, they won’t be able to open and view anything.

These two work well hand in hand, because if your files are encrypted but you don’t have a BIOS password, they can boot up your computer, hack your Windows password, and have access to all your files and decrypt them before copying them to their computer. However, if they just try to copy the files across the Internet, even though they could do that while you’re logged in, the files are encrypted and completely useless to them.
- Use a VPN tunnel for all your communications online. We normally associate VPNs with connecting branch offices, or sales reps on the road connecting into the office, but there are VPN services through which you can do all your email and surfing, and which encrypt and hide all your activity online. A VPN doesn’t really stop hackers from getting into your network directly, but it stops them from seeing your activity and getting hints on how they can get in.
- Lock down or close ports on your firewall. Ports on your firewall are generally opened by default for ease of use. When you close ports, certain features won’t work. For example, if you block port 80 you’ll have no Internet. Or if you block ports 25, 587 or 465, you could be blocking the ability to send/receive emails.
- IDS / IPS (Intrusion Detection System / Intrusion Protection System)
These are sometimes two separate servers / applications and sometimes they are all in one. It’s best to make use of both an IDS and an IPS. An IDS will detect hacker attempts coming in but won’t prevent them from getting in; it just alerts you that it happened. You need to monitor the IDS to see these alerts and take appropriate action.
An IPS will stop the hacker attempt based on the rules you have in place, but it won’t detect anything else or alert you to other suspicious behaviors. This is why it’s good to have both; however, you need a technician to monitor this for you regularly. Reading the logs can take an incredibly long time.
- Have internal security policies in your organization. This might sound easier to do than the items above, but it’s actually the hardest to do, and I’ll explain why. You do everything mentioned above to protect and lock down your corporate data; your sales rep is on the road with their laptop, connecting at coffee shops, hotels, at home, etc., and they have nothing protecting them but the software running on their computer. They get a virus or hacker, then bring their laptop back to the company and connect to the network, and now they have brought the hacker into your network. Just like that, the hacker is on the inside.
This is why it’s the most difficult thing to do. What policies should be put in place? Should employees be allowed laptops on the outside? Should they be allowed to use their personal laptops for business, or should you assign company laptops that are locked down so tight they can’t do anything on them but what they are paid to do?
Internal security policies can be an extremely long topic in itself, and it’s worth a whole discussion on its own.
Those are just a few things you can do to protect your data. It’s already a long article, but you can expect to find more articles that go into greater detail on each particular point I mentioned.
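A simplified model of the IDS / IPS item in the list above, added here as an example and not taken from any product; the rules, the threshold and the sample events are constructed for illustration. It shows an IPS dropping only what its rules name, while an IDS reports what it sees without stopping any of it.

```python
from collections import Counter

# Constructed sample traffic (not real logs): (source IP, destination port, event)
EVENTS = [
    ("203.0.113.5", 23, "connect"),
    ("203.0.113.5", 3389, "connect"),
    ("198.51.100.7", 443, "login_failed"),
    ("198.51.100.7", 443, "login_failed"),
    ("198.51.100.7", 443, "login_failed"),
    ("198.51.100.7", 443, "login_failed"),
    ("192.0.2.10", 443, "login_ok"),
]

BLOCKED_PORTS = {23, 3389}  # hypothetical IPS rule: drop traffic to these ports
FAILED_LOGIN_LIMIT = 3      # hypothetical IDS rule: alert above this many failures


def ips_filter(events, blocked_ports):
    """IPS: drop events that match a block rule, pass everything else unseen."""
    return [e for e in events if e[1] not in blocked_ports]


def ids_alerts(events, watched_ports, limit):
    """IDS: blocks nothing; returns alerts that a person still has to read."""
    alerts = []
    failures = Counter()
    for src, port, kind in events:
        if port in watched_ports:
            alerts.append(f"{src}: probe of port {port}")
        if kind == "login_failed":
            failures[src] += 1
            if failures[src] == limit + 1:  # alert once per source
                alerts.append(f"{src}: repeated failed logins on port {port}")
    return alerts


if __name__ == "__main__":
    passed = ips_filter(EVENTS, BLOCKED_PORTS)
    print("IPS alone lets through:", passed)
    print("IDS alone reports:", ids_alerts(EVENTS, BLOCKED_PORTS, FAILED_LOGIN_LIMIT))
    # Together: the IPS drops the probes, the IDS flags what still got past it.
    print("IDS behind the IPS reports:",
          ids_alerts(passed, BLOCKED_PORTS, FAILED_LOGIN_LIMIT))
```

The repeated failed logins arrive on an allowed port, so the IPS rules pass them; only the IDS alert, read by someone, brings them to attention.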