It’s no secret that cyber attacks are on the rise, with ransomware being one of the biggest threats of 2017. In this day in age we are all so “connected” storing copious amounts of data on the cloud (and locally on devices), data like personal photos, credit card info, and work related items. We then use devices such as tablets, laptops, smartphones, and smartwatches putting this data at our fingertips, accessing it wherever we are in the world (providing there is an internet connection). To some people these devices are a lifeline, it gets them to their next appointment, auto purchases household items, stores travel itinerary and allows them to take work on the road with them. Now imagine if you lost it all with one press of a button. One malicious email attachment. One bad link disguised as a legitimate one. One phishing attempt that claims your computer has been infected. That’s all it takes for a hacker to take control of your device, to take control of your data, and to take control of your digital life. Worried? You should be, but rest assured there are things you can implement to help safeguard your device, and improve your network security. Three of the most important being Operating System (OS) updates and patches, implementation of a hardware firewall, and Endpoint Security. Maintaining these these key components will not only make your device more secure, but it will give you the peace of mind knowing you (and your data) are protected against cyber attacks.
Operating System (OS) Updates and Security Patches…I’ve heard of these before, what are they and do I really need them?
Yes, you really do need them. Vulnerabilities and security holes in your device’s OS are often one of the most common things a hacker will set their eyes on. These holes are essentially a back hole into your system, once in, they have full access to do what they want, when they want without you knowing. Software developers like Microsoft, are always working to fill these holes and correct these vulnerabilities. They release these fixes in the form of updates and patches, which are often times done automatically by the OS.
Updates don’t just apply to security, they also ensure other third party software is kept up to date. This includes software like Skype, as well as drivers that improve or fix hardware functionality (Sound card, video card, etc)
Endpoint Security..What is this and how does it benefit me?
First off, an endpoint can be a desktop, laptops, server, smartphone, tablet, or other specialize devices that an end user uses to access a network or the internet. Endpoint security (EPS) is the act of securing these devices through specialized software from outside threats such as viruses, malware, ransomware, etc. As crucial as it is to have the latest OS updates and Patches, it is even more crucial to run solid EPS software giving you that additional line of defense. Some features you will find in EPS software often includes real time protection, automated scanning, software firewall, email protection (Outlook), and web browser protection.
Hardware Firewall…not sure what you mean there?
Firewalls come in two varieties, Hardware and Software. As you can imagine software firewalls typically reside on a computer or server and are often included in Endpoint Security Software. What I am referring to here is a hardware firewall. I could write pages upon pages detailing what a firewall does and how each feature benefits you, but we will keep it short and simple. Think of it as a barrier around your entire network, protecting every device inside, keeping the proverbial fires at bay. Digital firefighters! With a hardware firewall all data travelling in or out of a network is examined based on specific user defined criteria, if the data does not meet this criteria then the firewall will block it. This is extremely effective in keeping malicious activity from even entering your network in the first place.
For Example, a common way hackers exploit your system is through specific ports on the net, think of ports as a number door, only specific data can go through its assigned door. For this example we will use port 3389, this is used for remote access (more specifically Remote Desktop). With proper configuration one can use this port to access their computer at the office from the beach they are sitting at in Hawaii…or booth at Starbucks. If that port is not configured properly, you are essentially opening that door for anyone and everyone with the right know how to stroll right in – you can imagine what happens next.
What should I be doing to keep my device protected and improve my network security?
Do you have an IT Service Provider that manages your devices? If so, then you can sit back and let them handle it while you focus on your business.
No IT Service provider? You have a little work to do. First I would consult with an IT Service Provider and see if the management services they offer are a good fit for you. If they are not, here a few things to make sure you have in order.
- Configure Automatic Update, and make sure they are running on a regular schedule.
- Purchase (Yes. I said purchase, no free software) Endpoint Security Software such as BitDefender. Make sure it is set to automatically update, and the logs are checked on a regular basis.
- Install a Hardware Firewall into your network and make sure it has the latest definitions installed as well as the latest (stable) firmware.
Regardless if you have an IT Service provider you should always practice safe browsing. Not sure what I mean? Here is a quick list of tips.
- Only visit and download software from sites you trust
- Avoid clicking attachments within an email from unknown senders
- Avoid following links within an email from unknown senders
- Make sure your web browser is up to date
- Make sure any web browser protection is enabled within your EPS (or antivirus) software
Now you know a little more on protecting your devices and the data on them, you’re probably wondering what happens in the off chance a threat gets through and trashes your data. Next month we will discuss ‘Managed Data Backup’ this will cover what can be done to protect your data both onsite and offsite. Stay tuned