Many organization have made headlines recently as being victims to cyberattacks, and this makes us wonder if were doing all we can to protect yourself and small business.

Applying foundational security principles is the first step to a sound security practice. A layered security approach accounts for and protects the most common attack methods of cybercriminals. Protecting the network, endpoint devices, email inboxes and user & data solutions form the bands of layered security.

Here are some recommendations for best practices in protecting your valued infrastructure. Follow DP360 Media for the latest updates.

  1. Keep your software up to date, especially your defensive security software: Security software often depends on having the latest and greatest technology so that it can stay ahead of determined attackers. Of all the software you use, it’s most important to keep your security software up to date.
  2. Lock down Remote Connections: The increase from employees transitioning to working from home also pushed an uptick in man-in-the-middle attacks. Remote Desktop Protocol or RDP is an easy way to provide employees remote access, but comes with inherent security risks. Consider creating strong passwords or using a password manager solution, especially for accounts with access to RDP.
  3. Automate third party patching: Cybercriminals have exploited vulnerabilities in third-party software programs like Adobe, Java and web browsers for over a decade, so this may seem obvious to most. Microsoft products and some multi-media players have also made the list.
  4. Implement the principle of least privilege: The principle of least privilege applies a rule set in which users are provided the minimum level of access and permissions needed to fulfill necessary job functions. By restricting wider access to high-value data and machines, a protective mechanism is achieved and hedges against credential harvesting and theft.
  5. Have an incident response plan: There may come a time when defensive measures fail, even for those that follow cybersecurity best practices to a tee. If the worst should happen and data is stolen or exposed for example, it won’t be a good idea to “wing it.” Building out a comprehensive plan may seem overwhelming but the investment will prove well worth it should the need arise.

DP360 Media is a Managed Services Provider, find out how we can help your organization.