We’ve said it before and we’ll keep saying it time and time again: a cyberattack on your organization isn’t a matter of if, but when. No matter how small your business is, ALL organizations and individuals can be impacted by cyber threats. The following cybersecurity fundamentals matter both inside the office and out, but if you have any remote employees of any kind, a cybersecurity policy should be enforced immediately if you don’t already have one in place.
You wouldn’t believe the amount of businesses we walk into only to discover a long list of open accounts for individuals who no longer work there. When accounts are kept active, they’re essentially sitting there and putting your network and private data at risk. Aside from a potential cybersecurity breach, you’re also running the risk of a disgruntled employee logging back in and accessing private company information they should no longer have access to.
If an employee can log into an account, whether it’s email, file-sharing, your VPN, etc., 2FA should be a requirement. This means that there should be an additional step after entering their password, such as a special code only the employee will know. We take a deep diver into 2FA here.
Keeping your organization protected from cyberattacks requires several layers of security. Your firewall can protect private information to an extent, but it takes far more than that to stay protected. At MidnightBlue, we highly recommend adding extra layers of security including Extended Protection and Response (XDR) to your cybersecurity plan. XDR is an integrated security suite that infuses security telemetry, control points, analytics and operations into one system. Essentially, XDR can provide you with less security alerts and instead equip you with quality information and correlated threat data from different security layers into a story that makes sense. XDR shows you why a threat happened and where it came from, so that you can be better prepared in the future and spend a lot less time repairing the damage.
Remember, hackers attack people and organizations who aren’t prepared. Don’t be another victim and make sure your cybersecurity plan is updated and enforced. Following the plan should no longer be optional to employees, especially if they are working elsewhere, outside the walls of your office building. Even if you have cybersecurity insurance, if an attack happens and you don’t have security measures in place such as 2FA turned on, your claim will likely get denied and be of no help to you when the time comes.
Our team of experts at MidnightBlue is prepared to guide you through a checklist of everything your organization should be doing to stay protected against cyber threats. We’re also here to set up the tools for you or reconfigure your settings for the best protection. Give us a call at 412.342.3800 or fill out a contact form here to get started.