Cybersecurity breaches are no longer an emerging threat; they’re already here, and they’re not going away. Fortunately, businesses and governments have become better at preventing cybersecurity incidents or at least minimizing their impact. At NJBIA’s Cybersecurity Summit, computer expert Rashaad Bajwa offered several ways businesses can secure their computer networks at little or no cost.
Bajwa is president and CEO of Domain Computer Services, Inc., and a big part of his job is making sure his clients’ IT networks are secure. As a featured speaker at the event, he presented a list of ways employers can protect themselves from ransomware—computer viruses that lock down entire computer systems until victims pay a ransom to have their files released.
“I don’t want to promise you 100 percent, because there are other things you can do to get yourself in trouble,” Bajwa said. “But if you do most of these things, the likelihood of you getting hit becomes very, very low.”
Here are five things from Bajwa’s list. They are either free, available at no extra cost on software you are using now, or cost very little.
- Inspect your SSL traffic. SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client. It allows sensitive information such as credit card numbers, Social Security numbers, and login credentials to be transmitted securely.
Many businesses already have a device that can be set up to do inspections. Bajwa recommends talking to your IT people or security experts to make sure SSL inspection is enabled and set up for your network, or if necessary, installing an inspection device.
- Employ the “Principle of Least Privilege.” Give the absolute minimum access rights to people on your network. “If Joe is in our operations department, he does not need to have access to the QuickBooks share.”
Too many small businesses have the mentality that everyone should have access to everything, Bajwa said. That just adds risk. By restricting access to some of your network, you can limit the damage a virus can do. In other words, if Joe clicks the wrong link, the ransomware cannot access QuickBooks if Joe cannot access QuickBooks.
- Use an email content filter. “Fifty-nine percent of threats come from email. If you don’t have an email content filter, you are in big, big trouble,” Bajwa said.
Fake emails have become very sophisticated and are difficult to spot in their own right. Add the fact that people get a lot of email and are in the habit of scanning through them quickly, and it’s easy to see why email is the hackers’ preferred method.
An email content filter blocks suspicious emails from getting to your employees’ inbox in the first place and can prevent the bulk of phishing emails from getting through.
- Use a web content filter. While email filters prevent the bad guys from getting in, web content filters keep you and your employees from going to the bad guys and handing them access to the company network.
There are countless ways an employee can wind up accessing a bad website—malicious web links, fake websites, “mal-vertising,” even just a typo made while using a search engine. A web filter will block access to those sites when people try to access them.
- Keep up with software patches. Make sure you update your computer patches regularly. If your computers are fully patched—browser, operating system, java, acrobat—you don’t have many vulnerabilities, Bajwa said. Even if an employee winds up at a rogue website, patches limit the damage that can be done.