Hierarchy of IT Security

When thinking about IT Security, the list of management tasks can be overwhelming.  We’ve put together a simple list of protections that should be included in every cybersecurity plan.  

1. Managed IT Services

A quality managed service provider will assume responsibility for the security of the network infrastructure.  Unlimited support almost guarantees that the MSP will go out of their way to make sure that firewalls, routers, access points, BYOD and IoT devices are always up to date and secured.

2. End User Training

Real IT security is a team effort between the MSP and the end user.  Over 60% of all breaches occur due to user error.  It is important to provide continuous training to all computer users on security best practices providing real world examples.

3. Password Management

Strong Unique passwords are necessary to protect critical systems and services.  However, it is almost impossible to remember all the passwords necessary.  A password management system allows you to use strong unique passwords for all sites and services while only having to remember one master password.

4. Web Filtering

When a user does make a mistake and click on something that they shouldn’t, and a link is opened to a malware distribution site, web filtering is the first line of defense.  It will automatically block any sites known for distributing malware.  It can also be configured by the administrators request to block other content that might hinder productivity, such as social media sites or job posting sites.

5. Anti-Virus Protection

If web filtering doesn’t catch the questionable site, then the anti-virus kicks in and blocks any malicious scripts from running on the user’s workstation.  Downloaded, or new device files are automatically scanned prior to being allowed to open or run.  If malware is found it is automatically quarantined or deleted.

6. Patch Management

Most malware programs depend on vulnerabilities in the software programs that we use on our computers.  Those programming bugs could be in the operating system, or in other software programs installed on the computer.  It is important to patch all software with the latest security updates to eliminate as many vulnerabilities as possible.

7. Cloud Backup

If all else fails to stop the malware before it is installed, then it is possible that all the data on that computer has been compromised.  In the case of ransomware, the data can be encrypted so that it is no longer accessible to the end user.  The encryption key can cost thousands of dollars for some businesses.  However, a daily off-site backup can allow the MSP to restore the computer and the original data to the date of the last successful backup, eliminating the need to pay the ransomware criminals any money.