Cybersecurity 101: Get the Protection You Need
Typical IT support companies aren’t always great at providing the services you need to give your company protection due to their break/fix business model: something breaks, they fix it, and then they charge you. We, on the other hand, believe in empowering our clients through sharing our expertise and providing unlimited services (at no extra cost) that promote proactive IT management and cybersecurity.
We’d like to share these best practices with you. This is what your current MSP should be doing right now to keep your company secure from the biggest security risks facing small and medium-sized businesses:
Enable MFA for all Critical Cloud Services
It’s not uncommon for hackers to obtain log-in credentials by getting an employee to type their login credentials into a fake login page (this happens all the time!). They’ll then log into their account and send mail or files as the legitimate user. Enable multi-factor authentication on your Google or Microsoft hosted email accounts and on any cloud file services in order to prevent this from happening.
Use Secure Password Managers
You need to use a different, complex, and random password for every website you visit. Hackers break into websites and steal their password databases all the time. If your email address and go-to password is in there, then hackers can log into all the services you use that password for. Avoid the risk by using a password manager like LastPass, Dashlane, or 1Password to keep unique passwords for all of your online activities.
Engage Spear-Phishing Resistance Training
Services like KnowBe4 enable you to run campaigns that try to trick your own users into clicking spear-phishing links; when you see the results, you’ll know who needs more training on what to look out for. We routinely see the success rate of spear-phishing drop from over 20% to under 3% rapidly for our clients who perform spear-phishing resistance training to teach end-users what not to click on.
Enable Spam Protection to Increase Cybersecurity
Ask your MSP if Domain Keys and Sender Protection Framework are enabled for your email domain, and if they’re properly enforced. These cut down the prevalence of spam greatly and reduce the chances that your end-users can be successfully spear-phished.
Enforce Centrally Managed End-Point Protection
Every device that connects to your network and your key cloud services needs to have complete end-point protection on it. This measure can eliminate malware, and it also enforces your security policies, such as requiring hard disk encryption or providing the capability to erase content in the event that a device is lost or stolen. End-point protection should be installed on every device that connects to your network. This includes personal computers that employees use for work. This should be centrally managed by your IT MSP.
How Connetic Can Help
At Connetic, our fixed-price, unlimited support model keeps us constantly searching for ways to keep our customers safe. Safe practices reduce the amount of incident response we have to perform—which we don’t get paid extra for. That’s why we put these solutions in front of all of our clients and implement them at no additional cost. Contact us to learn more about how you can benefit from Connetic’s extensive experience and exceptional services.