Skip Ribbon Commands
Skip to main content

How To Stop a Hacker

Limiting business exposure to cyber crime

Andrew Walman

09/03/2017

More than half of UK businesses suffered from some form of cybercrime attack in 2016.

With the rise of ransomware as a way for criminals to make money from viruses, and more connected devices being used in business than ever, the likelihood of your business suffering due to cybercrime is higher every day. If you haven’t been hacked already – you will be soon.

 

Encounter rates for significant malware categories

Trojans are the most encountered malware through 2015, the exploits through which ransomware is then planted.

From 2016 Trends in Cybersecurity – Microsoft

Thankfully, there's some easy steps you can take to ensure your business never gets hacked:

  • ​Turn off all your PCs, laptops, servers and phones
  • Move your business to a cabin in the woods

You may find customers are reluctant to visit your cabin, particularly in the winter months. And the bank may not accept smoke signals as a means of communication. So how do you secure your business against hackers without going off-grid?

 

​1: Prepare To Be Hacked​​

It's inevitable. At some point in the future, even with the best cyber-security in the world, your company will be hacked. Virtually every large corporation in the world – including those whose business it is to combat hackers – has been hacked, and chances are, if you haven't been hacked already, you will be soon. Make sure you minimise potential losses be being prepared:

  • Check your backups: make sure you are backing up all your business data, and that these backups are kept separate from your regular data – either physically (such as removable media) or virtually (using a cloud backup system). Retain multiple backup points, and ensure critical data is backed up several times a day. If you do get hacked, the simplest way to recover is simply restore from backup, than to try and cleanup corrupted files or work out what's missing. With a ransomware attack, restoring from backup is often the only option – other than paying up.
  • Have a disaster recovery plan: with a good backup regime in place, work out how you would respond to an attack – which systems to recover first, which employees need to take action, how to communicate with your customers and staff. Rehearse the plan regularly, and improve it as systems change.
  • Know your data: work out where you have vulnerable/sensitive data, and what can be done to reduce its vulnerability. Delete old records and files – you don't want to be securing anything you don't need, nor explaining to customers that last bought from you 10 years ago, why their personal data has been compromised. Compartmentalise your data so it can't all be accessed using the same method or username. Ensure the most sensitive data is harder to access, is encrypted, and access is audited.
 

2: Reduce Your Exposure

Hackers go for the easy targets. Make things hard for them, by reducing your "attack surface" and actively looking for vulnerable spots that could be exploited - then remove them.  

  • Outsource your utility IT: Email is the primary source of malware within any organisation. Your company gains no competitive advantage by maintaining and securing its own email infrastructure, its just a sinkhole for IT resources and money. By outsourcing your email system to a specialist provider, you benefit from an email system that is constantly updated to be secured against the latest threats, is designed to be highly available – and will be more economical than trying to achieve the same features in-house. The same goes for other "utility" systems, such as backup, telephony, and archiving.
  • Secure your endpoints: PCs, mobiles, laptops, Macs – they all connect to your company infrastructure, and increasingly, they don't fall under company control as people bring their devices into the workplace, work from home, or use their mobile for business emails and apps. Make sure every device that connects to your network is patched, has the latest anti-virus signatures, uses encrypted storage, and only allows authorised people to use it – if not, don't let it connect. Consumer devices (non-domain) are twice as likely to encounter threats as enterprise machines (2016 Trends in Cybersecurity – Microsoft).
  • Don't forget the backdoor: or more usually, the front door, as people walk into your reception, and attach whatever they like to an open network port, USB slot, or just slurp your WiFi. It's easy to concentrate on the online threats, and forget the physical security – often a hacker can steal far more, with less effort, by walking into a business than they can sat at home. And hackers don't have to be strangers – the biggest threats can come from within your own staff, who know where your most valuable data is.​
 
 
Malware and unwanted software encounter rates for domain-based and non-domain computers

Consumer devices are more than twice as likely to encounter malware than enterprise devices​.

From 2016 Trends in Cybersecurity – Microsoft

3: ​Take Advice

By reading this far, you’ve already shown you’re open to new ideas about how to protect your business. The next step is to engage an IT consultancy to further improve your cyber security. As consultants, we’ve seen many types of business, many threats, and many attacks. We can bring our experience of securing against hackers, recovering from attacks, and reducing threats to your company.

Fuse can implement the technologies needed to reduce your exposure to threats, and to recover quickly from a successful attack – often for far less than recovering from an attack without these technologies in place.

 

You can never stop every hacker. You can prevent your business suffering from hacking.

Contact us today to discuss how.

​​​
​​

 About us

Fuse Collaboration Services is a Cloud Solution Provider and Microsoft Gold Partner specialising in delivering SharePoint, Skype for Business, and Azure cloud-based solutions. Based in Northampton, UK.

Microsoft Gold Partner Logo showing 5 competencies

Read more

 Latest Tweets

 Latest Blog

 

 

‘We’d love you to stick around’. But stick around where?3728<p class="lead">Here at Fuse Collaboration Services both our personal and professional email inboxes are receiving a steady flow of emails from companies asking us to stay on their mailing lists. This is the most obvious and public aspect of the new GDPR that is currently being implemented.</p><p>There are a couple of positive side-effects from these new regulations, not least that by forcing you to opt in to mailing lists to make sure you are only receiving what you want to receive a company will really know how engaged you are, making your email address all the more valuable when it comes to marketing.</p><p>Companies have been responding to the GDPR changes by re-working their data management policies, but how much time is being put into how these policies can be enacted day-to-day, especially away from the aforementioned marketing email lists?</p><p>For example, if you have written a policy that says that emails are going to be stored for one year before deletion, how are you going to store them away from an active email server (thereby reducing the burden on a day-to-day server), or keep hold of them once a member of staff leaves? Or what happens if data is accidentally deleted by a member of staff?</p><p>Furthermore, data security is made all the more important as more and more companies opt for a flexible working approach where their staff can work from remote locations, such as home or (dare we say it) a high street coffee chain with its free Wi-Fi access.</p><p>Domestic or public internet access networks are unlikely to have the same levels of security as a company's, which makes it all the more important that any data transfer between a central hub and remote laptop is encrypted and has the latest security.</p><p>Chris Evans of Computer Weekly has highlighted <a href="https&#58;//www.computerweekly.com/feature/GDPR-brings-serious-implications-for-data-storage" target="_blank"> <span style="text-decoration&#58;underline;">five areas</span></a>&#160;which will impact the day-to-day work of the data storage manager under GDPR, including&#58;</p><ul><li>encryption; </li><li>detailed application-to-storage mapping;</li><li>security and audit; </li><li>validation of test and development requirements;</li><li>and collaborating closely with colleagues.</li></ul><p>Ultimately, you need to be able to give all your customers, clients, stakeholders and staff the confidence that their data and documents are stored securely, but also in a way that allows you to respond to data requests quickly and efficiently without having to wade through a mound of irrelevant information.</p><p>You also need to have the peace of mind that any deleted information can be recovered within your policy timetables, whether they be one year, five years, or longer than that.</p><p>There is also a danger that you could be sucked into a one-size-fits-all approach using policy and storage templates that have been designed for organisations that are in a different sector or are of a vastly different size to your own.</p><p>Fuse's data back-up and storage solutions tick all of the boxes you need to have that peace of mind to concentrate on your main business, namely growing as a company, while also being tailored to your specific needs.</p><p>Fuse uses a mixture of cloud-based packages to meet your requirements and allow your staff to access their relevant information <em>securely </em>regardless of where they are working. Our solutions are also easy to monitor by your in-house IT team, so that in the unlikely event of a data breach it can be identified, resolved and reported quickly.</p><div class="well well-lg"><p class="lead">Give us a call on 01604 797979 and we can have a chat about how you can make sure your data policy matches your day-to-day operations and requirements.</p></div> | Chris Wearmouth | 693A30232E777C6675736563735C632E776561726D6F757468 i:0#.w|fusecs\c.wearmouth16/05/2018 23:00:002018-05-16T23:00:00ZData security and rentention in a cloud based infrastructureData security in a cloud based infrastructure14/06/2018 09:56:102278htmlFalseaspx

 Contact us

Our address
12 Brookfield, Duncan Close
Moulton Park, Northampton
NN3 6WL
P: +44(0)1604 797979
Contact Us