Many businesses mistakenly believe that cyber security isn’t a priority and a simple antivirus software will protect them from cyber attacks, when in fact according to the Cyber Security Breaches Survey 2020 cyber attacks have become more frequent, with 46% of businesses report having suffered a cyber security breach or attack in the last 12 months.
Things are worse for medium sized businesses where this number rises to 68%.
You cannot rely simply on an antivirus software to protect your businesses critical data, you must consider a multi-layered approach in order to protect your business and bounce back if you were to experience a data breach.
Why you can’t rely on antivirus alone?
Antivirus only helps protect against known viruses and cyber criminals strive to create new and sophisticated methods to attack everyday. These attacks therefore would be unknown threats and will not be stopped by your antivirus.
Tools can be used to bypass antivirus protection without any detection, such as a legitimate Windows 10 troubleshooting tool called “wsreset.exe” which is usually used to troubleshoot and allows users to diagnose problems with the Windows Store.
It’s not just a case of not clicking suspicious links or visiting dodgy sites, criminals are highly sophisticated and can pull malicious content onto legitimate sites and bypass antivirus without anybody realising, which puts businesses in a vulnerable position if they do not take the necessary steps to help protect their data.
Datto reports that even when you use the below antivirus and email/spam filters, SMEs still fall victim to cyber attacks. This emphases the need for a multi-layered approach with business continuity at the core.
- Antivirus software
- Email/spam filters
- Ad/pop-up blockers
- Endpoint detection and response platform
What can you do?
You need to implement a multi-layered Cyber Security approach, talk to your IT department or IT support provider who will be able to advise. A mix of solutions and support are needed but one of the most important things you must do is educate your team.
With 90% of data breaches down to human error, be sure to give your team regular training to empower them with the knowledge needed to help spot criminal activity.
Visit some of our free, educational resources:
Things to consider and implement:
- Physical Access: Locked rooms and restricted areas
- Network: Local area network switches, routers, firewalls, wireless, intrusion prevention systems, remote access servers, protocols, network operating systems (OS) and wide area networks
- Servers: OS, applications and databases
- Endpoint Devices: User Management
- Data Protection: 2FA, password management
- Disaster Recovery Planning: Business Continuity
- People: Security polices, business conduct guidelines and local regulations
When it comes to disaster recovery planning, it is important to consider the possibility that your data could be compromised and if hackers are holding your data for ransom, you are able to retrieve your data from the last hour and in other words, continue business as usual.
How can we help?
If you are looking for IT help and would like to discuss how we can help meet your business needs and secure your data, either email info@complete-it.co.uk or visit our contact us page.
Every organisation is different which is why every solution is.