Storage
time, or simply because it is not part of the daily, weekly or monthly schedule, will not protect against a breach. Without update patches, software is potentially exposed to cyber criminals who will not hesitate to exploit vulnerabilities. With regular backups, the recovery of lost data will always be more straightforward, and is likely to lead to a satisfactory outcome, even if systems are compromised. By embracing a regular and monitored update process and recognising the advantages of software maintenance and hygiene, organisations will reinforce their defences and protect themselves against potential threats.
Be careful with administrator accounts
When was the last time your company, or your customer, updated their admin passwords? For most organisations this is done annually at best, but it is a practice that should be carried out at least every quarter. Businesses should avoid allowing accounts with high privileges. They wield significant power, and the laxity surrounding them transforms them into prime targets for attackers. Malicious actors can leverage compromised admin credentials to circumvent access controls on various resources or IT systems and gain entry to a company’s sensitive data. Implementing the principle of least privilege, granting temporary privileges judiciously, and monitoring them meticulously can curb accidental data breaches and keep ransomware propagation in check. Additional safeguards such as separate admin and employee accounts, email encryption, sensitive data detection, and multi-factor authentication fortify defences against malicious exploitation of privileged accounts and bolster an organisation’s overall cybersecurity posture.
Choose good passwords
The worst possible scenario is one in which users deploy the same password for every account, amplifying the risk of credential compromise. Too many users still rely on easily guessable passwords, such as “password” or “123456”. Even robust passwords are not immune to compromise – especially if they are shared with co-workers or are stored in unsecured documents or devices. IT professionals have also been known to have bad habits, sharing passwords with colleagues, and even relying on post-it notes for password management. It is not just good practice, but essential, that employees use separate login credentials for their personal and work-related accounts. Regular rotation of passwords and the use of a password manager should be supplemented with regular training for employees to ensure they understand the consequences of poor password security. Organisations should also incorporate security reminders into login processes.
Check who can access company-issued devices
Blending private and professional computer usage brings about a myriad of security vulnerabilities. According to Statista, up to 20% of UK workers permitted friends and relatives to use their company devices in 2021. While enabling someone to quickly check emails seems harmless, such actions open the door to potential malware attacks and put sensitive data at risk in the process. Though it is unlikely that trusted friends or family are intentionally looking for sensitive information to exploit, they may mistakenly download malware that could provide access to corporate data, cloud applications, and storage. The best approach for businesses is to establish clear policies regarding the devices that employees are allowed to use for corporate purposes. Encrypted USB drives and SSDs are a great solution for remote or travelling employees who require access to sensitive company data, but whose devices are at even greater risk than those working in the same location every day. All devices should also be equipped with necessary security controls, including screen locks, two-factor authentication, application blacklisting, and remote wiping solutions.
www.pcr-online.biz
Don’t fall for phishing or social engineering attacks
We’ve all heard about the perils of phishing attacks, a widely used form of exploitation that relies on social engineering to gain access to data. Research suggests that as much as 98% of cyberattacks use phishing tactics. Hackers trick users into providing sensitive information or downloading malware by sending emails that appear to be from a known source, and which often include an easily clicked link or an infected attachment. Given the sheer number of accounts and passwords that employees use daily, it is all too easy to reset a password when an email appears to come from a trusted colleague. If these attacks are used to deploy ransomware or any other malware, the result can be permanent data loss, unless a backup is in place. Despite increasing awareness of these threats, many people still become victims, through lack of caution or training, or through bad luck. This is why it is so important for businesses to conduct ongoing awareness and training for employees. A regular reminder about the dangers of phishing will keep everyone on their toes. While no amount of training or preparation will curb every incident of data loss, the provision of a thorough and consistent data backup and storage process will ensure that the risk is minimised, and sensitive data can be quickly retrieved.
The answer - backup and storage
In the digital age, data loss isn’t just a technological problem, it’s deeply human. Mistakes are inevitable but businesses, and their channel partners, can prepare. As well as awareness, training and business continuity, the use of external SSDs and fast USBs to regularly back up data is essential. With these in place, we recommend a 3-2-1 strategy:
1. Keep three copies of the data – the original and an additional two copies.
2. Use different drives and do not store multiple backups on just one drive.
3. Keep one copy offsite so that, in a critical event such as fire or flooding, which could destroy one or both active backups, a third will still be available.
This approach allows for the inevitability of human error and a cyber-attack, but ensures that despite this, a recent version of the data will be secure, giving the organisation more than a fighting chance of a fast, satisfactory resolution.
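An added example, not part of the original article, that audits a backup inventory against the three rules of the 3-2-1 strategy. The record fields, the seven-day freshness limit and the read-back checksum test are assumptions made here, and the sample inventory is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Copy:
    name: str            # label for this copy (hypothetical naming)
    drive_id: str        # serial number or UUID of the physical drive
    offsite: bool        # held away from the primary site
    written: datetime    # when the copy was last written
    digest_written: str  # checksum recorded when the copy was written
    digest_read: str     # checksum from the latest read-back test
    original: bool = False

def check_321(copies, now, max_age=timedelta(days=7)):
    """Return findings against the 3-2-1 rule; an empty list means it is met."""
    findings = []
    usable = []
    for c in copies:
        if c.digest_written != c.digest_read:
            # A copy that no longer reads back correctly cannot be relied on
            findings.append(f"{c.name}: read-back checksum mismatch")
        elif not c.original and now - c.written > max_age:
            # Assumed freshness limit: a stale backup is not a "recent version"
            findings.append(f"{c.name}: older than {max_age.days} days")
        else:
            usable.append(c)
    backups = [c for c in usable if not c.original]
    if not any(c.original for c in usable) or len(backups) < 2:
        findings.append("rule 1: need the original plus two usable backups")
    drives = [c.drive_id for c in usable]
    for d in sorted(set(drives)):
        if drives.count(d) > 1:
            findings.append(f"rule 2: drive {d} holds more than one copy")
    if not any(c.offsite for c in backups):
        findings.append("rule 3: no usable backup is kept offsite")
    return findings

# Constructed inventory for illustration only
NOW = datetime(2024, 6, 1)
INVENTORY = [
    Copy("server", "SSD-A", False, NOW, "ab12", "ab12", original=True),
    Copy("usb-nightly", "USB-B", False, NOW - timedelta(days=1), "ab12", "ab12"),
    Copy("ssd-weekly", "USB-B", False, NOW - timedelta(days=3), "9f3c", "9f3c"),
    Copy("vault", "SSD-C", True, NOW - timedelta(days=30), "77aa", "77aa"),
]

if __name__ == "__main__":
    for finding in check_321(INVENTORY, NOW):
        print(finding)
```

In the sample, four copies exist on paper, yet the only offsite copy is stale and two backups share one drive, so the audit reports failures that a simple count of copies would miss.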
May/June 2024 | 39