Establish Processes
The core of keeping your business secure starts with Process. IT does a decent job with common tasks such as setting up password expirations and checking backups, but what about reviewing active user accounts? At least every quarter, IT should produce a list of all active user accounts and have HR verify that they should still be active and have the right access rights. Do you have this process in place? It’s important to be aware of your weak spots.
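The quarterly review described above, sketched as an added example (not part of the original article): it reconciles a directory export against an HR roster and lists the enabled accounts HR should question. The CSV columns, sample rows and role-to-group mapping are constructed assumptions.

```python
import csv
import io

# Constructed sample data: a directory export of accounts and an HR roster.
ACCOUNTS_CSV = """username,enabled,groups
alice,true,staff;finance
bob,true,staff
carol,true,staff;domain-admins
dave,false,staff
svc-backup,true,backup-operators
"""
HR_CSV = """username,status,role
alice,active,accounting
bob,terminated,sales
carol,active,sales
dave,terminated,sales
"""
# Assumed mapping from HR role to the groups that role is entitled to.
ROLE_GROUPS = {"accounting": {"staff", "finance"}, "sales": {"staff"}}

def load(text):
    """Parse CSV text into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))

def review_accounts(accounts, roster, role_groups):
    """Return (username, finding) pairs for HR to verify."""
    hr = {row["username"].lower(): row for row in roster}
    findings = []
    for acct in accounts:
        if acct["enabled"].strip().lower() != "true":
            continue  # only active accounts are in scope for the review
        user = acct["username"].lower()
        person = hr.get(user)
        if person is None:
            findings.append((user, "no HR record (needs a named owner)"))
            continue
        if person["status"] != "active":
            findings.append((user, "enabled but HR status is " + person["status"]))
            continue
        groups = {g for g in acct["groups"].split(";") if g}
        extra = groups - role_groups.get(person["role"], set())
        if extra:
            findings.append((user, "groups beyond role: " + ",".join(sorted(extra))))
    return findings

if __name__ == "__main__":
    for user, finding in review_accounts(load(ACCOUNTS_CSV), load(HR_CSV), ROLE_GROUPS):
        print(f"{user}: {finding}")
```

Service accounts such as the constructed `svc-backup` surface as "no HR record" by design, so each one gets a named owner confirmed during the review.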
Email Encryption
Everyone has seen the standard for encrypted email – you log in to a secure web portal to view the message. But if you have a client or business you frequently communicate with, that can quickly become very cumbersome. Most email encryption solutions have a way to enforce a secure protocol (“TLS”) for all communications with a specific email domain, letting you email normally while staying secure.
User Awareness Training
All the security in the world cannot save people from social engineering, defined by Webroot (a leading security company) as the “art of manipulating people so they give up confidential information”. Everyone has seen the emails – fake invoices, wire transfer requests and other scams. While implementing technical security is a key step, user awareness training is an easy way to further protect your business. Two popular services are https://www.wombatsecurity.com/ and https://www.knowbe4.com/. Use these to make sure that people recognize any threats that manage to make it through your defenses.
Multifactor Authentication
Also sometimes called two-factor authentication, multifactor authentication (MFA) is something you have probably seen and been told you need. You likely already have experience with MFA from logging into your bank accounts. Lots of businesses are adding it to their networks as well, especially for remote access.
Although you can purchase multifactor solutions outright, a subscription-based product is often preferred. As technology changes, a product purchased outright can quickly become obsolete. A subscription-based provider is going to continue to provide new features and integrations as new software becomes popular. Here are a few products worth considering:
- Microsoft 365/Azure: The Azure multifactor service is very affordable and integrates with just about every service under the sun.
  https://azure.microsoft.com/en-us/services/multi-factor-authentication/
- Duo: A robust solution, although it’s a little more expensive ($3/user/month).
  https://duo.com
- Ping: A very flexible product that works well for more complex environments.
  https://www.pingidentity.com/en/products/capabilities/multi-factor-authentication.html