At xposure, we look after the security and integrity of all our customer’s websites. Keeping software up to date and secure is an important part of making sure our websites are safe from hackers. But the most vulnerable point on your website is your passwords and login details. Your staff often store them on their machine, but if someone hacks into an employees machine, they can gain access to these login details and access your website, plus so, so much more. So here are 7 simple tips to protect your machine and network courtesy of our friends at Custard Group.
1. Not changing default firewall passwords
Just about every router ships with a default username and password you use to manage the router. These defaults aren’t even well-kept secrets—a simple Google search will tell you the username and password for just about any router out there. You can download entire lists of known pairs, and there are even the appropriately named website RouterPasswords where you can look up just about any make, model, and default login. Usually, they’re something ridiculously simple, like “admin/admin”.
So, if you don’t want it to be super easy for passers-by to break into your network, you should change your administrator password…before someone changes it for you
2. Allowing all inbound/outbound traffic
A firewall is a security device and is designed to protect your assets. Your default position when configuring the firewall should, therefore, be to deny traffic. Don’t think of the firewall as the device that permits all traffic through, except for the things you want to block. Instead, think of your firewall as the device that blocks all traffic, except for those things you choose to permit.
3. Trusting pop-ups
When the pop-up or alert suddenly appears, it advises the user to take immediate action:
- Install new antivirus software immediately.
- Install recommended updates immediately.
- Remove the detected virus or spyware.
By downloading this fake software, you are also handing them your credit card information and installing software on your computer that the criminals can control, don’t trust pop-ups.
4. Failure to back up files
If your files are not backup and you need to recover data, your company will lose valuable information from accounting information, information about your customers, company email and lots of wasted time. 96% of companies with a robust back up survive a ransomware attack and 90% of business without a robust back up fail within 2 years. 1 in 3 companies are unprepared for data disaster.
5. Failure to update anti-virus software
With 75% of malicious software is created by cybercriminals that aim to infect large numbers of computers and hundreds of new computer viruses and Trojan viruses are being developed every day, to remain protected it is crucial to keep your anti-virus software up to date.
6. Not using encryption technology
Encryption scrambles text to make it unreadable by anyone other than those with the keys to decode it, and it’s becoming less of an added option and more of a must-have element in any security strategy for its ability to slow down and even deter hackers from stealing sensitive information. If good encryption is capable of hindering investigations by FBI experts, consider what it could do for you and your company’s sensitive information.
7. Not having a security policy in place.
Having a comprehensive Security Policy in place is important because it allows your employees to know what is required of them and helps them adhere to safe and secure processes. It also allows management to monitor and audit their security practices against a corporate standard.
If any of this has peaked your interest, then I can recommend a free seminar being run by Custard Group which goes into more detail to help you understand the dangers and provides professional advice on how to remain safe in the digital world.
Find out more about the ’Introduction to Cyber Security Strategy’ seminar. It’s free to attend and could just save you from some very simple mistakes.