There are many shows on cable today that portray instant recognition of a breach. To repeat what all others in the actual cyber industry say . . . not realistic.
Think of the scenario where an employee opens a file or accesses a malicious Web site. Step one is done. Nothing happens; the employee shrugs his or her shoulders and moves on. Nothing happened, so we are all good, right? Wrong. In reality, malware can happen behind the scenes with no visual effect at all at the time of being infected. The malware is just lying in wait. It either waits for an external signal–a preprogrammed time or until a specific action on the host computer is done. A hacker then would have access to look around, doing nothing noticeable, just checking things out . . . until the time that he finds what he wants.
Six months pass. All of a sudden, systems are breached, potentially causing loss of controls, data, or financial information. And no one knows where or how it happened until a thorough investigation finally points back to the past point in time.
It sounds unavoidable, right? No, it’s not unavoidable but the chances increase all the time that it will happen to your business. But if you take steps to protect and prepare as much as possible, the damage can be potentially avoided or at least somewhat overcome.
How? Here are 5 steps to try to avoid or quickly recover from a breach:
- BACK UP!!! Enough said. Think cloud, separate, secure, and frequent. Ransomware, a type of malware, takes over your files and holds them hostage. With a secure and separate backup, your business can go on operating.
- Train. Train your employees for anything that could happen. Teach them about current cyber threats; keep them informed. They can be considered an additional “firewall.”
- Use patch management. The days of worrying about how frustrating the changes will be from new updates are over. Patch consistently . . . because many of the patches today are security related and crucial to staying protected.
- Apply multiple layers of security. Your firewall will not protect you from a threat that originates internally. And yes, many happen using some form of an internal breach such as phishing and e-mails with malware links, or by way of privileged credentials whether internally or from a breach at a third-party contractor. Get a comprehensive employee Web-use security solution that will block access to malicious sites and links.
- Monitor. Watch it all. You will see trends, user behavior, and anomalies. Monitor network activity and the activity that accesses the Internet. Guest Wi-Fi networks, BYOD, and employee Web use should be included. Make sure you have visibility into what is going on with a solution that not only provides real-time monitoring, but also forensic-level detail reporting easily accessible by both IT and managers.
Overall, taking steps to ensure your business is protected is crucial, but know that you can still keep critical business operations functioning following any type of breach. Providing proactive solutions to protect, secure, and manage your business’s Web use in a cost-effective, agile, and customer-centric way is what we do. Let us help.
About Wavecrest Computing
Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.