In the first blog on our security series, we talked about trends to look for in 2017. From data theft evolving to data manipulation to compliance, the Internet of Things and more, there’s no doubt that IT security is a monster ready to rear its ugly head – or many ugly heads, rather.
We’ve been saying for years that the best approach to IT security is a multi-layered one. No one security tactic is a catch-all solution. Most business leaders know that. What gets tricky, however, is deploying the right security solution with the right number of layers, and then continuously updating it as time goes on and new technologies emerge.
No matter your industry or your company size, be sure you have the following components as part of your security profile. If you don’t, consider working with a managed services provider to implement a strong security strategy that aligns with your overall technology goals and the vision you have for your organization 1, 2, and 10 years down the road.
Components of a Multi-Layer IT Security Profile
Email Anti-Spam Filtering – eliminates known email-based Malware that could help a hacker penetrate your infrastructure before they ever even touch it. Protects users from phishing, spearphishing, whaling, weaponized macros, Ransomware, and more.
Perimeter Security/Firewall – blocks unauthorized inbound and outbound access to/from your network, preventing unauthorized intruders from accessing your systems and data – and also adding another layer of Malware protection.
Anti-Virus – protects endpoints and servers from Malware/Spyware from most sources, and quarantines Malware that could enable hackers to access your environment.
Web/DNS Filtering – blocks access to sites (content filtering) that could deliver Malware of other viruses that enable hackers to access your systems and data. Protects users from clickjacking and provides for command and control.
Patch Management – ensures that all aspects of your infrastructure are kept ‘best practice’ for security, reducing threats of Malware of unauthorized access.
Data Backup & Disaster Recovery (BDR) & Business Continuity Planning – protects your company’s data and saves time and money should you ever need to restore it or part of your network (multiple types of backups is ideal, both on-premise and cloud-based). Consider file vs. image backups, recovery time objectives, and recovery vs. continuity as part of your overall data backup and disaster recovery strategy.
Email/File Encryption (in Transit and at Rest) – prevents hackers from being able to read emails or data if they manage to obtain it.
Strong Password & Password Updating Policy – Makes sure employees have passwords that are difficult for a hacker to crack. Requiring updates every 90 days adds more protection, because a hacker who manages to access a workstation will lose it within those 90 days. Don’t use the same password for everything, and consider a phrase instead of a single word, replacing vowels with characters and removing anything personal such as listing your spouse’s name and phone number.
Two-Factor Authentication – dramatically reduces the likelihood that a hacker can log in to a remote desktop system.
Controlled Imaging – ensures that endpoints coming from your provider meet standards for usability, reliability, and security – reducing the threat of security breaches.
Education for Employees – makes employees aware of the critical role they play in a company’s security, and prepares them to look for, identify, and avoid threats – adding the most essential layer to your security profile.
Battle the Hackers: Get the Essential Guide to IT Security
Want to know more about these layers? We’ve put together an Essential Guide to IT Security. Or, reach out to us to discuss your IT management needs as they relate to security, whether it’s HIPAA compliance, security in the cloud, BDR and crisis planning, end-user training, and more.