Environmental Security
Keeping our lives secure is no longer as simple as locking a window and door. We live and work in a combination of physical locations and cyberspace, meaning that to keep cyber-safe you need to look at the interactions across both areas. We classify the implementation of the actions and technologies you need to protect yourself as ‘Environmental Security’.
In a bit more detail:
The way in which your business interacts with the world at large is your environment. From physical security through to online systems and infrastructure, keeping it as secure as possible is important. Employees (people), actions (process) and systems (technology) must be combined to enable your business to carry out its operations in the safest way possible.
Here are 4 quick wins to start you on your cyber-health journey and improve your environmental security:
Implement anti-virus or EDR across your company
An endpoint is a device connecting to your company’s network, infrastructure, systems or cloud, e.g., a server, laptop, workstation, tablet or mobile phone.
In general, endpoints either provide access to data or store it. This means that for most attackers the endpoint is the first step in gaining access to your business data. Protecting your endpoints is probably the single most important thing you can do to reduce your risk.
Depending on the size of your organisation, a modern anti-virus product will provide a good amount of protection. Endpoint Detection and Response (EDR) products are an evolution of anti-virus and provide a holistic approach to endpoint protection for larger businesses.
Some simple steps you can take to protect your endpoint devices are:
- Install a reputable antivirus product (for smaller businesses, free anti-virus will help) on all your endpoint devices
- Make sure the anti-virus is set to update at least once a day and runs regular scans
- For larger businesses, install an EDR product. These work differently from anti-virus and provide a greater umbrella of protection
Install software or hardware firewalls between your company and the internet
Your laptops, computers and network (whether at home or in a corporate office) at some point connect to the internet. Although the internet can be a productive and fun place, it is also the wild west when it comes to security. Beyond your device or internet router is an ocean of hackers and bots, to name just a few. Many of them are automated and programmed to look for an opportunistic opening into a device or network.
The gateway to the internet will either be your mobile device or an internet router, so ensuring these are configured correctly will help protect your business from a cyber-attack.
Some simple steps you can take to protect your laptops and network are:
- For your office, install a broadband router with a built-in firewall, disable external administration and change the default admin password
- Your computers and laptops should have their software firewall enabled (either native to the system or a third-party firewall)
- Only allow outgoing services from your device or network to the internet. Unless you have a specific reason, do not allow any services inbound from the internet
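One way to check a Linux host or router against the "outgoing only" rule above: this added example (not part of the original page) reads firewall rules in `iptables -S` output format and reports anything that lets unsolicited inbound traffic through. The sample rules, the `audit_inbound` and `opt` names and the severity labels are assumptions made for illustration.

```python
import shlex

# Constructed sample in `iptables -S` output format; the address is a documentation range.
SAMPLE_RULES = """\
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3389 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
"""

REPLY_STATES = {"RELATED", "ESTABLISHED"}


def opt(tokens, flag):
    """Return the value following `flag`, or None if the flag is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens[:-1] else None


def audit_inbound(rules_text):
    """Return (severity, message) findings for rules that admit inbound traffic."""
    findings = []
    for line in rules_text.splitlines():
        tokens = shlex.split(line)
        if len(tokens) < 3:
            continue
        if tokens[:2] == ["-P", "INPUT"]:
            # Any default other than DROP lets unmatched inbound traffic through.
            if tokens[2] != "DROP":
                findings.append(("high", f"default INPUT policy is {tokens[2]}, not DROP"))
            continue
        if tokens[:2] != ["-A", "INPUT"] or opt(tokens, "-j") != "ACCEPT":
            continue
        negated = "!" in tokens  # negated matches are never treated as exempt
        state = opt(tokens, "--ctstate") or opt(tokens, "--state")
        if not negated and opt(tokens, "-i") == "lo":
            continue  # loopback traffic never leaves the machine
        if not negated and state and set(state.split(",")) <= REPLY_STATES:
            continue  # replies to connections the device itself opened
        port = opt(tokens, "--dport") or "any port"
        source = opt(tokens, "-s")
        if source is None or negated:
            findings.append(("high", f"port {port} accepts connections from any source"))
        else:
            findings.append(("review", f"port {port} open to {source}; confirm the reason"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_inbound(SAMPLE_RULES):
        print(f"[{severity}] {message}")
```

A rule set with a `DROP` default, a loopback rule and a `RELATED,ESTABLISHED` rule produces no findings, which is the "outgoing only" posture the list describes.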
Use secure transfer tools for sending and receiving data, e.g. when exchanging information with third parties
For the most part, all businesses need to exchange information with a supplier or a third party. For general day-to-day activities email works well. However, when exchanging sensitive information, it is important that this is carried out in a more secure way, as email is not classed as a secure transfer mechanism.
Some simple steps you can take to send and receive data securely are:
- Encrypt and password protect sensitive information in emails using an application (e.g., WinZip). Send the password to the third party via another channel such as SMS or a different email address
- Use a secure transfer service to send files; there are many solutions available
- Make sure you validate the person you are sending information to, so you can trust that your sensitive information is sent to the right person
Use email filtering, for example an anti-spam solution
In the region of 333 billion emails are sent across the globe every day. This number is staggering and gives scammers the opportunity to make use of the sheer volume reaching our inboxes every day.
These scams range from phishing emails to those that contain malicious viruses programmed to steal your business’s information.
An anti-spam solution acts as a gateway to interrogate emails and only let through those which seem legitimate.
Some simple steps you can take to protect your business from spam mail are:
- If you haven't already, move to a reputable online email provider such as Microsoft or Google, as these services inherently provide spam filtering
- If your email is in-house and you can’t move to the cloud, procure a spam-filtering service or product to reduce the number of spam emails reaching your inbox
- Always double check an email before you click on any links or open any attachments. If you were not expecting it, then it is probably spam!