By Jake Ouellette, Compliance Analyst, CompassMSP
How do hackers actually get into your network and wreak havoc? Movies and TV shows lead us to believe it requires complex dark magic. Spoiler alert: it’s not magic!
The truth? Hackers are lazy!
Most hackers that target small to medium-sized businesses are lazy – they don’t want to work hard to crack your network. They want to attack what’s easy, quick and will make for a good return on investment. So, the question is – how do we make it harder and slower, so it’s simply not worth their time?
The reality is that most organizations skip basic cybersecurity hygiene and make it easy for hackers to get in!
5 Ways to Defend Your Organization Against Hackers
Below are five tips to defend your network against hackers. They are the basic cyber hygiene that a lot of companies ignore, leaving themselves wide-open to attack and providing hackers low-hanging fruit to feed on:
Have an SOP (Standard Operating Procedure) for employee terminations
Terminated employee accounts may often be left active and open to compromise. These accounts go unaccounted for and unmonitored and could be just the thing a hacker is looking for to increase their access to your network!
Create an SOP that includes a user termination form that clearly states the day and time of termination and what to do with their email (forward to another user, closeout, etc.). This form should be completed by an HR representative and should be sent to your IT team to properly deactivate the account and prevent any access after the termination.
Limit unnecessary ‘administrator’ access and create a process for requesting it
Users should only have the minimum permission level required to do their work, but it’s common for organizations to ignore this standard security. But what happens if a trusted employee’s account gets compromised and that account has way more access than it needs? That gives hackers instant access to a lot of your network.
So, organizations must limit administrator access and create a formal process to request and grant this access. This process helps prevent unnecessary administrator accounts. Any request should be vetted to verify that the user has a business need for administrator access.
Change default credentials on critical applications and infrastructure
All devices and applications typically have initial, or default login credentials set so you can get in for the first time to configure it. You’d be surprised how many people forget, or choose not to, change these default usernames and passwords!
Did you know that default credentials can often be found with a simple Google search; many password hacking tools have these default credentials saved and ready to be used right away!
There is a simple fix; change those default credentials immediately! Some vendors even recommend making your own admin account and outright disabling the built-in admin account
Stop using “End of Life” operating systems and software
Operating systems have a shelf life called “End of Life.” That means they are incredibly vulnerable to attacks! After that shelf life expires, these machines typically stop receiving security patching from their manufacturer, increasing those vulnerabilities.
It affects all types of systems – servers, workstations, switches, routers, etc. Every piece of hardware that keeps your business running has some sort of software under the hood that may be unsupported.
The solution is to make sure your vendor(s) still supports your software and hardware. And, as soon as you are aware that support is coming to an end, you should plan your next step to upgrade to a newer, supported version. For any software or hardware, you can’t replace, work with your IT team to develop a plan that works for your business and keeps it safe.
Use MFA (Multi-factor Authentication) for remote access to network or email
Passwords just don’t cut it anymore. They are often easily guessed, compromised by clicking on the wrong link or leaked in password breaches. The best way to secure yourself and your company is to enroll in Multi-Factor Authentication (MFA). MFA is a simple way to add an extra layer of protection to the sign-in. It requires you to use additional identity verification, such as scanning a fingerprint or entering a code received by phone, to vastly improve your security stance.
MFA is often configured for use with external email access and VPN or remote access into your company network.
Once MFA is set up, you’ll get alerts that someone tried to sign in to your account…if it wasn’t you, you can alert your IT team, who can dig in further and properly handle the situation.
Don’t Delay, Implement These Steps Now
Using these five tips, you will be five more steps ahead of the cybercriminals. These concepts aren’t complicated to put into place; they just take a little bit of extra effort to make a world of difference.
If you’d like some help determining where the security gaps in your organization are, please contact us today!
Request A Free Consultation