Is your organization making these mistakes?
You’ve heard it before. Protect your network, protect your data. While your IT administrators understand the importance of these ideas to a fault, do your employees? According to a report recently released by PT Security, maybe not.
The study was conducted over the course of a year and collected the data of 28 different external pentests, or tests performed by ethical hackers for the purpose of locating network vulnerabilities. When the results were released last month, two major shortcomings in cybersecurity were revealed: weak employee passwords and insufficiently protected web applications.
While a single employee’s login credentials aren’t usually enough to give a hacker unfettered access to the entire network, once a cyberattacker is in the system, other devices can be deployed in order to more deeply infiltrate the system. Essentially, one weak employee password can result in a disastrous cyberattack.
In 77% of the cases, protection vulnerabilities were found in web applications, whether they were in-house apps or third-party software.
For small businesses, this may be an alarming discovery. SMBs are often cited among the most targeted organizations for ransomware attacks, add to that weak employee login credentials and small businesses become sitting ducks for attackers. Fortunately for SMB owners (and all business owners alike,) simple but effective solutions can help protect against the looming threat of data thieves.
CREATE STRONGER PASSWORDS & PASSWORD POLICY
Suffice it to say, employing stronger passwords is the simplest way to correct weak passwords. We all know the password rules— uppercase, lowercase, number, symbol, length. But do we all use them? According to the report, apparently not. Setting and enforcing such password requirements is the first step of defense. And if employees need help getting cr3@t1vE (see what we did there?) to have a truly secure password, password generators can be found online with a simple search.
INVEST IN SECURE WEB APPS
To beef up security when it comes to third party apps your employees use throughout the day, invest in one that takes security seriously. And don’t assume all apps have the same security features. For example, in the cloud backup arena, BigMIND by Zoolz offers the highest levels of protection in the cloud space with 256 AES military-grade end-to-end zero knowledge encryption, while other cloud backup apps focus on different aspects of their service, Zoolz has a known history of focusing its attention on security. Since the report cited web apps as a common entry point, implementing ones that offer secure service is a principal priority.
DISTRIBUTE DISASTER RECOVERY PROGRAMS
While upgrading security protocols is a defensive maneuver against malicious threats to your enterprise data and networks, having a plan in place in case those mechanisms fail is equally as important. That’s where disaster recovery comes in. Performing system backups in the background of network machines, the strongest disaster recovery apps feature incremental and differential backups to the cloud and universality between machines. Incremental and differential backups ensure not only that the cloud storage space you’re uploading to stays efficiently used, it also helps preserve processing power by weeding out redundant data. Similarly, a universal backup is useful for companies whose labor force works on different systems.
Creating strong passwords that can help combat security threats is easy, but ensuring every employee does so is a different story. Fortunately, there are other ways to protect your organization’s data if security measures fail. Having multiple plans in place from the on-set is the best strategy for combating cybersecurity issues and defensive and restorative mechanisms.
Looking to build out your cybersecurity plan? The newest products at BigMIND by Zoolz offer universal backup of your systems and Microsoft accounts. To find out more about Disaster Recovery and Office 365 head to https://www.zoolz.com/bigmind/