For HomeFor BusinessFor Partners
Cybersecurity Awareness
7 min read

Simple Steps to Online Safety

Razvan Muresan

October 02, 2017

Simple Steps to Online Safety

In observance of National Cyber Security Awareness Month, Bitdefender delivers a series of articles on hot topics such as online safety best practices and protecting your company’s assets and integrity. In addition, we provide a set of prerequisites to be considered before seeking a career in cybersecurity. We encourage you to bookmark this blog or connect with Bitdefender on LinkedIn or Twitter to receive follow-on articles (filled with security tips) as they are published.

The year 2017 has already set a record in terms of the number and type of data breaches and resulting collateral damage. Companies around the globe are researching and implementing new security measures to secure their data against a wider and more complete range of threats.

Tips to maximize IT security in your company:

  • Strengthen employee security and loyalty. The insider threat is the greatest, proportionally, followed closely by social engineering. Hire qualified professionals to train staff in security best practices, consider employee background checks, and limit the number of employees allowed access to sensitive data. Only authorized personnel require access to critical and sensitive data, and only by adhering to strict security protocols and advanced authentication mechanisms. Besides two-factor authentication, even two-man authentication could be set in place for critical systems, like financial institutions where large transactions need to be authorized by two or more individuals.
  • Perform an initial security audit.Focus less on existing holes and more on defining likely threats.
  • Consolidate your assetsand simplify management by switching to virtualization, either in the cloud or on-premise.
  • Check provider credentials and contracts when using cloud services and carry out regular security updates on all software and devices. Keeping your software up to date with the latest security patches is important, as various threats, such as ransomware, often use unpatched vulnerabilities as a vector for infection. As a recent Bitdefender survey has shown, attackers now target businesses rather than individual users to extort higher fees.
  • Install a security management solution to consolidate control for virtualized, physical and mobile endpoints. Add firewall protections, too. Securing all devices will make employees more aware of online dangers, even when they navigate on the Internet remotely. Bitdefender security specialists strongly advise CISOs use a security solution specifically designed for the infrastructure it will run on (physical or virtual), instead of a single tool, to deal with these issues:
    • Increased overhead – installing an endpoint solution on different virtual machines hosted on the same servers impacts resources by continuously running redundant apps, such as security agents.
    • Reduced performance – security tools tailored for virtual environments use optimized agents that integrate with a security virtual appliance on server/servers, so files are not rescanned each time a user needs them.
    • Typology of attacks is different – virtual environments often face more sophisticated cyber weapons, such as advanced persistent threats (such as APT-28 and, just recently, Netrepser). Security for virtualized environments is by far the most effective way to detect and fight these complex tools.
  • Implement a password policy that everybody respects (minimum eight characters, unique and complex, regularly changed).
  • Backup your data. Instead of just backing up company data to a separate partition or an external drive, also consider cloud services. As with any cloud-based service, privacy and security remain a priority, so ensure that company personnel are not just doing backups, but that the backups can be restored easily and are stored securely.
  • Secure your wireless network and establish a clear security policy for email, Internet and mobile devices.
  • Train staff in best security practices considering present and future bring your own device (BYOD) trends. Most attacks stem from a single person opening the wrong e-mail attachment. Employees are the last line of defense – they are the ones who click on a link, visit a website or open an email attachment. Taking an active interest in information security and sharing knowledge with fellow workers can go a long way to making the workplace safer.
  • Stop running as administrator. The vast majority of users do not require admin rights when going about their normal business online. Every minute they use the computer with administration-level permissions increases the likelihood that ransomware or other malware might encrypt and corrupt essential databases and other files. When you use your computer with admin rights, avoid browsing websites or opening email attachments.
  • Create, define and implement fast security response procedures. Companies need to define a set of procedures and rules to handle security incidents, and all stakeholders must abide by them. They must cover techniques and methods for identifying, isolating and remedying security breaches. After any security incident, it’s mandatory to evaluate the impact it had on both the company and its infrastructure, and apply the new and necessary security mechanisms for preventing those types of breaches or vulnerabilities.

tags

Cybersecurity Awareness

Author

Razvan Muresan

Razvan Muresan

Former business journalist, Razvan is passionate about supporting SMEs into building communities and exchanging knowledge on entrepreneurship. He enjoys having innovative approaches on hot topics and thinks that the massive amount of information that attacks us on a daily basis via TV and internet makes us less informed than we even think. The lack of relevance is the main issue in nowadays environment so he plans to emphasize real news on Bitdefender blogs.

View all posts

Right now Top posts

Reframing the Narrative: Strategic Defense Against Human Error in Cybersecurity
Enterprise Security

Reframing the Narrative: Strategic Defense Against Human Error in Cybersecurity

April 18, 2024

Understanding XDR Solutions: A People-Focused Guide to Making the Right Choice
Enterprise Security Endpoint Detection and Response

Understanding XDR Solutions: A People-Focused Guide to Making the Right Choice

April 16, 2024

Bitdefender Threat Debrief | April 2024
Enterprise Security Bitdefender Threat Debrief

Bitdefender Threat Debrief | April 2024

April 11, 2024

What’s New in GravityZone Platform April 2024 (v 6.49)
Enterprise Security Endpoint Protection & Management

What’s New in GravityZone Platform April 2024 (v 6.49)

April 11, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Reframing the Narrative: Strategic Defense Against Human Error in Cybersecurity
Enterprise Security

Reframing the Narrative: Strategic Defense Against Human Error in Cybersecurity
Sumarlin

April 18, 2024

Understanding XDR Solutions: A People-Focused Guide to Making the Right Choice
Enterprise Security Endpoint Detection and Response

Understanding XDR Solutions: A People-Focused Guide to Making the Right Choice
Daniel Daraban

April 16, 2024

Bitdefender Threat Debrief | April 2024
Enterprise Security Bitdefender Threat Debrief

Bitdefender Threat Debrief | April 2024
Martin Zugec

April 11, 2024

Bookmarks

loader