Cybersecurity Awareness Month is fast approaching: tools to protect your business data
By John Hey
You can’t fully protect yourself from cyberthreats. It doesn’t matter how much money you spend or what tools you throw at this problem, your results will be partial at best. Having said that, you still should try to do all you can afford to protect yourself, taking good, sensible measures to at least make your data a hard target.
Often when we look at protection, we look at “defense in-depth,” a layered approach to IT security. First, let’s look at the outer layer, which is the perimeter of your network. There, you place at least a firewall. The next layer: your servers, where you place any anti-virus/anti-malware software and make sure your data is backed up each night.
Finally, you have your employees and their computers, which is the true gooey center of vulnerability. Within this layer is the employee anti-virus/anti-malware software and the proactive training you provide users on recognizing potential threats. This is the absolute minimum you should do — though I’d advise you do more — to protect your environment.
You may be thinking "What’s the point?" especially if you can’t fully protect yourself or afford the number of protection measures that you ideally should have. So, what do you do?
First, invest in measures to more rapidly detect and recover from a breach. The minimum tools we recommend are intrusion detection and intrusion prevention systems (IDS/IPS). These are feature sets that scan traffic in and out of your network and look for anomalies and known traces of threats, and in the case of IPS, shut that traffic down.
Next, within your servers and the inside network (LAN), you employ a security incident and event manager (SIEM). The SIEM analyzes all the log data from your servers, switches, routers, firewalls and key network devices, and recognizes any signatures that indicate a threat. At that point, you will be notified and then you can respond accordingly. For individual workstations and your users, you should employ advanced endpoint protection (AEP) and user awareness training (UAT).
Simply put, AEP is an anti-virus software on mega steroids. It detects threats that normal anti-virus software will not and, upon detection, will quarantine and roll your files back to pre-infection state. This is rapid response and recovery.
User awareness training is the notion of testing your users with fake phishing e-mails, finding out (safely) how many are prone to click on a phishing message, and prescribing them video-based training to attend. You do this several times per year as a continuous means of fortifying and educating your weakest link: your people. These measures will give you a fighting chance to rapidly detect and respond to threats. If you think these measures are financially out of reach for you, know that they are much more affordable than you think — you just must decide to do it.
There are certainly more things you could do, such as multifactor authentication, vulnerability scans, data encryption, domain name system layer protection, risk profiling and dark web scanning. It won’t eliminate all threats, but you can greatly enhance your security posture.
Interested in learning more about cybersecurity and how to better protect your organization? Contact Rehmann today to see how we can help or join us at the Michigan Cybersecurity Conference on Oct. 9 at the Amway Grand Plaza Hotel. Visit michigancybersecurity.com for more information and to purchase your ticket.
John Hey, CBCP, ITIL, Security+, is principal of technology solutions at Rehmann. Areas of expertise include IT strategy and operations, business continuity and disaster recovery planning, and cybersecurity.
Rehmann is a fully integrated financial services and advisory firm that provides accounting and assurance, comprehensive technology, accounting and human resource solutions, specialized consulting and wealth management services. For more than 75 years, Rehmann has provided forward-thinking solutions, making it our duty to anticipate our clients’ daily and future needs. Rehmann has over 900 associates in Michigan, Ohio and Florida. Rehmann is an independent member of Nexia International, offering clients a global approach. Find us online at rehmann.com.