Best method to protect your business from Internet attacks is not to be on the Internet at all. No one can attack your business if you don’t have Internet access.
This is, of course, a ridiculous suggestion for business owners. But, there is a point to it. In fact, this is how good security experts start implementing access to specific applications, servers, sites or the whole Internet. First, they block everything, then start opening only essential items, and giving access only to approved users. I recommend the same mentality while setting internet access in your company.
As today's ransomware, malware and other attacks are very sophisticated, it is impossible to trust only one tool or a method. Traditional firewalls are no no longer capable of detecting and preventing most internet attacks. Cybersecurity is like an onion with multiple layers. Multiple methods, tools and features need to be utilized, while constantly updating these tools, and continuously enforcing cybersecurity rules in the company.
Here is a list of cybersecurity recommendations for your business:
- Block all pornographic, gaming, social media and other suspicious sites which are not essential for your business.
- If your business does not need to access every country in the world, use the CountryBlock feature on your internet firewall to block suspicious countries, so that no one from those countries can send or receive any data packets from your company.
- Unless your business needs it, block getting advertisements on all company devices with an AdBlocker.
- Do not allow your employees to connect their personal phones or laptops to your network.
- Guest WiFi access should be avoided unless there is no cell phone signal in your company. If you must, keep it as a separate WiFi network which cannot access your computers. Never give the company WiFi account to your guests.
- Make sure all company computers have updated and modern cybersecurity software. Nowadays, all popular computers come with antivirus and firewall software. Make sure they are automatically updated.
- Force employees to use Multi Factor Authentication (MFA) for all business critical applications which should provide information on how to enable it.
- Backup your critical business data. If possible, encrypt the backup, and keep an offsite copy.
- Use a next generation cybersecurity solution with Intrusion Prevention System (IPS) and real-time alerts to block intruders and get notifications for any suspicious activities.
If you have any questions, suggestions or objections, please share them in the comments.