THE IT GUIDE
Best Practices: Cyber Incident Prevention
Incidents happen — the JDAH Corp ethos is “Not If, But When.”
Not all cyber criminals Think Big when it comes to selecting targets.
In fact, cyberattacks are often carried out against small and mid-size businesses (SMBs) due to the belief that weaker security measures are at play; SMBs to cybercriminals can be easily exploited and create quick returns. Recovery from phishing, ransomware, malware, DDOS, or even hacking — all of which we call “incidents” — can be a huge challenge for any SMB and it’s a position that no small business owner wants to be in.
We work with our clients to develop an incident response plan after assessing their risks and evaluating their needs. A well-crafted strategy accepts the reality that incidents will happen and a well-rounded plan includes proactive and reactive protocols and procedures to mitigate damage and reduce downtime. It’s helpful, however, to make sure you and your team are familiar with some incident response best practices.
— Our recommended best practices:
We encourage implementing essential proactive incident responses like requiring VPNs for remote access to on-site data, multi-factor authentication for logins, updating and patching software, and training your teams for cybersecurity awareness and improving their cyber hygiene. These additional steps will add extra layers of security:
Ensure your remote teams receive a tech-onboarding
Your teams need to know how to securely access company data and collaborate with each other, especially if they are transitioning between remote and hybrid work. The more comfortable your team is with using these tools, the more effective they will be in protecting your system.
Deploy single-sign-on (SSO) and password management
A single sign-on solution can make your users’ login process easier by allowing them to log in once to a central system and then access all the other applications and systems they require. When used with a password manager that can securely generate and store passwords, the user login process gets simpler without compromising on safety.
Encrypt your data
Data encryption is the process of converting information into a code that can only be deciphered by someone who has the key to decrypt it. It is done to prevent unauthorized individuals from accessing the information. Data encryption is a critical tool in cybersecurity since it can help reduce the exposure of your data to risks and ensure compliance with data privacy regulations.
Have backup and disaster recovery solutions
Check on your BCDR solutions regularly - a strong and fast recovery relies on frequent and reliable backups. Each company is different, but we recommend daily backups at minimum.