The face of cybercrime has changed, alongside the strategies used. It’s no longer just the teen hacker in their bedroom, it’s a variety of different people with a broadening array of tactics. And what’s more, in the current climate of goodwill it is increasingly easy to get caught up in one of these traps.
With this in mind, there’s no harm done in brushing up on five cybersecurity principles that can help you and your business mitigate the more common tricks and attacks used by cybercriminals:
1. Least Privilege
Just because you trust everyone in your business doesn’t mean that your receptionist needs the same access levels as your CEO. Give users minimum necessary access and leave your most valuable data vulnerable to far fewer breach points. You wouldn’t give a hotel guest a key for every room in the hotel.
We don’t use drawbridges and castle walls anymore for a reason – they give a false sense of security and encourage lax approaches to security within the walls. Once your attacker infiltrates your outer-defence the threat’s inside and there’s nowhere to hide.
Breaking down your network into layers and self-contained areas keep the entire system protected and ensures your access points aren’t left vulnerable to attack. Don’t neglect your perimeter, but don’t rely on this alone. This is where intrinsic security – building it into your network and your application platform – makes security sense.
As a business model flexes to meet the needs of a COVID-landscape, it is this type of security that will help meet these needs. And should there be a breach – it is contained without infecting the rest of your business.
Think of encryption as the last weapon in your arsenal against hackers – except with cybersecurity it keeps you ahead of the game. If all else fails and your firewalls and access protocols are breached, encryption means that all the critical data you have stored is useless to them.
Like a Rubix cube, if you don’t know how to decode it and put it back together, encrypted data is a difficult puzzle to crack. Basic cyber-hygiene means encrypting your files and data before sharing. The same applies to encrypting network traffic wherever possible.
4. Multi-factor authentication
From thumb-print ID to facial recognition, security is becoming personal. But even implementing basic two-factor authentication stops the first wave of breaches. And, the more personal we get with authentication, the more secure our networks will be.
After all, your thumbprint is much more difficult to steal than your pin code!
Systems require updates for a reason. Every time malware gets more advanced your service providers respond with system and software updates. Don’t remain in the past. Upgrade and update to stay ahead of your attacker’s game.
By Jeremy van Doorn, Sr Director of Solutions Engineering at VMware EMEA
Follow IT News Africa on Twitter