Environmental

Security

Keeping our lives secure is no longer as simple as locking a window and door. We live and work in a combination of physical locations and cyberspace, meaning that to keep cyber-safe you need to look at the interactions across both areas. We classify the implementation of the actions and technologies you need to protect yourself as ‘Environmental Security’.

Sarah Hurley, COO XaaS Ltd

In a bit more detail:

The way in which your business interacts with the world at large is your environment.  From physical security through to online systems and infrastructure, keeping it as secure as possible is important.  Employees (people), actions (process) and systems (technology) must be combined to enable your business to carry out its operations in the safest way possible.

Here are 4 quick wins to start you on your cyber-health journey to improve in environmental security; click on the icon or scroll down to see more detail:

Implement anti-virus or EDR across your company

Install software or hardware firewalls between your company and the internet

Use secure transfer tools for sending and receiving data, e.g. when exchanging information with third parties

Use email filtering, for example an anti-spam solution

Implement anti-virus or EDR across your company

An endpoint is an device connecting to your company’s network, infrastructure, systems or cloud, e.g., A server, laptop, workstation, tablet or mobile phone.

In general endpoints either provide access to, or store data on them.  This means that for most attackers the endpoint is the first step in gaining access to your business data.  Protecting your endpoint is probably the single most important thing you can do to reduce your risk.

Depending on the size of your organisation a modern anti-virus product will provide a good amount of protection.  An evolution of antivirus are  Endpoint Protection and Response (EDR) products, which provide a holistic approach to endpoint protection for larger businesses.

Some simple steps you can take to protect your endpoint devices are:

Install software or hardware firewalls between your company and the internet

Your laptops, computers and network (whether at home or in a corporate office) at some point connect to the internet.  Although the internet can be a productive and fun place, it is also the wild west when it comes to security.  Beyond your device or internet router is an ocean of hackers and bots just to name a few, many of them automated and programmed to look for an opportunistic opening into a device or network.

The gateway to the internet will either be your mobile device or an internet router, so ensuring these are configured correctly will help protect your business from a cyber-attack.

Some simple steps you can take to protect your laptops and network are:

Use secure transfer tools for sending and receiving data, e.g. when exchanging information with third parties

For the most part, all businesses need to exchange information with a supplier or a third party.  For general day to day activities email works well.  However, when exchanging sensitive information, it is important that this is carried out in a more secure way, as email is not classed as a secure transfer mechanism.

Some simple steps you can take to send and receive data securely are:

Use email filtering, for example an anti-spam solution

In the region of 333 billion emails are sent across the globe every day.  This number is staggering and opens the opportunity for scammer to make use of the sheer volume reaching our inboxes every day.

These scams range from phishing emails to those that contain malicious viruses programmed to steal your business’s information.

An anti-spam solution acts as a gateway to interrogate emails and only let through those which seem legitimate.

Some simple steps you can take to protect your business from Spam mail are: