Digital security is a business concern that is just as important for small, growing companies as it is for large corporations. With digitalization and the openness businesses must embrace, the risk of cyberattacks increases as a direct consequence. For most companies, digital security is fundamentally about survival.
In this article, we will examine entry points from a hacker’s perspective. We will highlight the risks and show how tools like Safestate can be used to enhance protection.
Fake invoices, viruses, Nigerian scams, fraudsters, malware, and phishing—email has always been a very popular entry point for hackers to infiltrate businesses. This is primarily because people are generally unaware of the risks and are not very skeptical about what lands in their inboxes. Historically, European companies have been relatively spared from cyberattacks, but in recent years the problem has grown to an unsustainable level.
There are a few things you should consider to increase the security of your email. Raising awareness among yourself and your colleagues about what can happen if you click on the wrong link or download a file infected with malicious code is an obvious measure. However, there are some less obvious steps that are just as important.
Enable SPF, DMARC, and DKIM
SPF, DMARC, and DKIM can be thought of as the email equivalent of a firewall. Simply put, if all three are enabled, an attacker will not be able to use your email address to send messages pretending to be you. This is a common method used in phishing attacks. An outsider uses your email address as the sender to either attack your colleagues (since the email appears to come from you) or attack your contacts (suppliers, subcontractors, or customers).
There are also valuable advantages to enabling SPF, DMARC, and DKIM. For example, it reduces the likelihood of your emails ending up in the recipient’s spam folder when sending to an unknown recipient.
Safestate offers an SPF, DMARC, and DKIM service that tests your setup and then automatically monitors it to ensure it remains configured. Naturally, we will notify you if anything changes.
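The following is an added example, not Safestate's code or part of the original article: a small offline audit showing that a record can be published without protecting anything, for instance a DMARC policy of `p=none` or an SPF record ending in `?all`. The `zone` dictionaries (DNS name mapped to TXT strings), the domain `example.com`, the selector `s1` and the key value are constructed placeholders; in practice you would fill `zone` from your own DNS lookups.

```python
import re
# SPF terms that each cost one DNS lookup; RFC 7208 caps the total at 10.
LOOKUP = re.compile(r"^[+\-~?]?(include:|exists:|redirect=|(a|mx|ptr)([:/]|$))")

def parse_tags(record):
    """Split a 'tag=value; tag=value' record (DMARC, DKIM) into a dict."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def check_spf(txts):
    spf = [t for t in txts if t.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return ["SPF: expected exactly one v=spf1 record, found %d" % len(spf)]
    terms, out = spf[0].lower().split()[1:], []
    final = next((t for t in terms if t.lstrip("+-~?") == "all"), None)
    delegated = final is None and any(t.startswith("redirect=") for t in terms)
    if not delegated and (final is None or final[0] not in "-~"):
        out.append("SPF: unlisted senders are not failed (%s)" % (final or "no 'all' term"))
    if sum(bool(LOOKUP.match(t)) for t in terms) > 10:
        out.append("SPF: over 10 DNS lookups, evaluation ends in permerror")
    return out

def check_dmarc(txts):
    recs = [t for t in txts if t.lower().replace(" ", "").startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["DMARC: expected exactly one v=DMARC1 record, found %d" % len(recs)]
    tags, out = parse_tags(recs[0]), []
    if tags.get("p", "").lower() not in ("quarantine", "reject"):
        out.append("DMARC: p=%s is not enforcing" % (tags.get("p") or "<missing>"))
    if "rua" not in tags:
        out.append("DMARC: no rua address, so no aggregate reports to monitor")
    return out

def check_dkim(txts):
    keys = [k["p"] for k in map(parse_tags, txts) if "p" in k]
    return [] if keys and all(keys) else ["DKIM: key missing or revoked (empty p=)"]

def audit(zone, domain, selector):
    return (check_spf(zone.get(domain, [])) + check_dmarc(zone.get("_dmarc." + domain, []))
            + check_dkim(zone.get("%s._domainkey.%s" % (selector, domain), [])))

# Constructed sample zones (DNS name -> TXT strings); all values are placeholders.
WEAK = {"example.com": ["v=spf1 include:_spf.example.net ?all"],
        "_dmarc.example.com": ["v=DMARC1; p=none"]}
HARDENED = {"example.com": ["v=spf1 include:_spf.example.net -all"],
            "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"],
            "s1._domainkey.example.com": ["v=DKIM1; k=rsa; p=BASE64KEYPLACEHOLDER"]}
for name, zone in (("weak", WEAK), ("hardened", HARDENED)):
    print(name, audit(zone, "example.com", "s1") or "no findings")
```

Running the same audit on a schedule and comparing the findings with the previous run is one simple way to notice when a record has been changed or removed.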
Spam Protection/Antivirus
Ensure your company has an antivirus program and spam protection. These tools block and prevent simpler attacks, reducing the number of incoming potential security risks.
Multi-Factor Authentication and Passwords
This is often repeated for a reason: both are critically important for security. Multi-factor authentication (MFA), also known as two-factor authentication, is a security feature that requires users to verify their identity using multiple methods. Typically, this involves combining a password with another form of verification, such as a one-time code or a notification sent to the user’s phone.
By enabling MFA for your accounts, you reduce the risk of email account hijacking, as multiple verification methods are required for access. Even if a password is leaked—a common occurrence—an additional verification step would still be needed to access the account.
This brings us to the next measure: never use the same password for multiple websites. Using different passwords reduces the risk of all your accounts being compromised if one password becomes known to an attacker. Therefore, it’s essential to use unique and secure passwords for every critical account or service. Email is a prime example of such an account. It’s also a good idea to use a company-wide password manager to generate passwords automatically, ensuring no two service passwords are the same.
Our Dark Web service monitors your company’s email domain and alerts you if an email linked to the domain appears in a leaked database. You can read more about this service on our website.
In Summary
Enabling multi-factor authentication and using unique passwords for each account significantly increases security and reduces the risk of account hijacking.
System
All systems are vulnerable, especially older, custom-built systems. If they are exposed to the internet, the risk of cyberattacks is significantly higher. Typically, attacks occur when hackers exploit vulnerabilities in the system to gain unauthorized access.
One of the most critical actions you can take is to ensure the system has a robust backup solution, with at least one copy stored in the cloud and another kept offline. Regular backups are essential, as is having a plan for system replacement in case of a cyberattack. After a system is hacked, it’s common for it to become infected with ransomware. With a functioning backup solution and a recovery process in place, you can minimize downtime. Additionally, it’s crucial to protect the data processed by the system, especially if it involves sensitive information.
Securing the System
For custom-built systems, you should work on hardening the system. This involves enhancing the system’s security by, for example, disabling unnecessary functionalities. A range of technical measures can be implemented to improve security.
Scanning the system for vulnerabilities and addressing them is a cost-effective way to boost its security. To ensure vulnerabilities have been properly addressed, you can conduct penetration testing. In simple terms, this involves hiring a penetration tester to attempt to hack the system. This should be done after resolving known vulnerabilities in the system.
For purchased systems, regular updates are essential. Updates often include security patches that fix vulnerabilities in the software. Ensure all systems are up to date, including operating systems, software, and network devices.
Additional Security Measures
- Enable multi-factor authentication where possible.
- Ensure the system is behind a firewall and protected by antivirus software.
- Consider using an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) to detect and prevent attacks and identify breaches.
Incident Response Plan
Finally, develop an incident response plan to follow when something happens. This ensures that everyone in the company knows what to do to address potential threats or breaches as quickly as possible, minimizing damage.
Website
As with your systems, backups of your website are crucial. Ensure that all systems and components, such as content management systems (CMS), plugins, web servers, and any third-party systems, are kept up to date. Systems that are not updated often contain more vulnerabilities and are at greater risk of cyberattacks. Passwords are also critical. Use unique, strong passwords and enable multi-factor authentication wherever possible.
SSL
Most companies today use SSL certificates. This technology encrypts data transmitted between users and your web server, making communication more secure. An SSL certificate is essential for e-commerce sites.
WAF
A WAF, or web application firewall, helps protect web applications from the most common cyberattacks by filtering and monitoring traffic between a web application and the Internet.
CDN
A CDN is a service that, simply put, copies your website to multiple geographic locations and serves the version closest to the visitor. This service protects against distributed denial-of-service (DDoS) attacks and makes it harder for an attacker to execute a cyberattack.
Importance of Comprehensive Protection
It is essential to ensure that your company has robust protection to prevent damage to your operations and maintain the trust of your customers and partners. If you have implemented most of the measures discussed in this article, you will be able to withstand many different types of attacks.
By being proactive and continuously improving your security, you can reduce the risk of your company being affected by a cyberattack. If you have questions about how Safestate can support your business, please reach out to our support channel.