AdobeStock_121298187.jpeg
AdobeStock_171389419.jpeg
Artboard 1.png
AdobeStock_121298187.jpeg

Basic Security Measures


Is your business doing enough to protect against common cyber attacks?

SCROLL DOWN

Basic Security Measures


Is your business doing enough to protect against common cyber attacks?

Preventing Cyber Crime

Attacks are rising in frequency and sophistication. Your organization must protect itself from criminals who wish to infiltrate your systems and hold your business ransom. Many companies struggle to figure out where to start, and other organizations have no insight into the effectiveness of their current IT security systems and practices. ZAG wants to help your business protect itself from a security breach before it is too late.  

 

Learn how to improve cyber security

Learn how criminals enter your environment

 
 
Data Loss.png
Profits.png
Breaches.png
 

Basic Cyber Security Measures

In our explainer video, ZAG recommends the following measures be taken by all companies to prevent common attacks:

  • Change Administrator User Name
  • Enable Account Lockouts
  • Add Web Filtering Software
  • Patch Systems on a Timely Basis
  • Add Anti-Virus Everywhere
  • Segmentation of Admin Roles
  • Turn on Server and PC Firewalls
  • Implement Air Gap Backups
  • Implement SAN with Secure Snapshots
AdobeStock_171389419.jpeg

Cyber Security Frameworks


Implement or improve your existing cyber security framework

Cyber Security Frameworks


Implement or improve your existing cyber security framework

Cyber Security Assessments

Our security assessments are designed to address the unique needs of the SMB, mid-market and SME organizations. ZAG's Security Assessments provides a structured assessment of your strengths, weaknesses and maturity in regard to the Information Technology processes. These assessments are based on the CIS Top 20 Critical Security Controls and NIST Cybersecurity Framework. 

At the end of each assessment, ZAG's findings and analysis of your IT environment will be presented in a document along with our recommendations to reduce the amount of cyber security risk and improve security practices.

Cyber
Hygiene

Practical
Security

Security
Framework


Let ZAG Help You

 

Not sure which assessment is right for your business? Talk to one of our Technology Strategists, so we can understand your business needs and goals. 

Name *
Name
Business Phone
Business Phone
 
Artboard 1.png

eBook: Basic Cyber Security Measures


Basic security measures that every company should take to defend against cyber security threats.

eBook: Basic Cyber Security Measures


Basic security measures that every company should take to defend against cyber security threats.

Basic Cyber Security Measures Every Company Should Take

Regardless of your industry, product, service or size, all modern businesses are forced to be IT companies. Organizations have complex IT infrastructures, IoT devices, corporate and guest networks, business applications, servers, databases, a system of workstations and so much. Solving business problems with technology solutions can bring many benefits, but also comes with inherent risks and vulnerabilities. Every new device on your network provides a potential vessel for attack.

In 2017 alone, there were 53,308 cyber security incidents according to the 2018 Data Breach Investigation Report by Verizon. For businesses, cyber threats are a matter of “when” not “if.” You need to have systems and practices in place to respond to a threat, and make sure that your company continues to operate normally. 

Even with the rise in security breaches, 95% of ransomware victims refused to pay the ransom (average $50,000). Many felt that paying the ransom would not result in getting their systems back or they felt they could recover on their own. 

The following are ZAG’s recommendations for basic security measures that all companies should deploy to defend against cyber threats. These are the minimal steps that should be taken to secure your systems. Each one should be incorporated into your overall technology strategy. If your organization needs help implementing these steps or establishing cyber security practices, contact ZAG today. 

Change Administrator User Name

The default Administrator account exists on all versions of Windows with “Administrator” or “Admin” as the username. By renaming this account, you make it slightly more difficult for unauthorized people to guess the username and password combination of this privileged account. 

Another option is to create a new Administrator account specific for your organization and disable the default Administrator account to prevent people from being able to use it to attack your organization.

Losing control of a normal user account can be detrimental to the organization, so losing an Administrator account can become catastrophic.

Enable Account Lockouts

Many attacks use a brute force method to find a username and password combination. This is done by guessing passwords. To counter this tactic, you should enable Account Lockouts. This sets the number of failed login attempts before an account becomes “locked.” 

A locked account cannot be used until it is either reset by IT or a predefined number of minutes has passed. This effectively stops an attacker from guessing a strong password.

With 81% of hacking-related security breaches leveraging stolen and/or weak passwords. Account Lockouts are a good way to contain a compromised user account.  

Add Web Filtering Software

There are many benefits to adding Web Content Filtering software to your organization’s network. You will be able to reduce the risk of malicious software being installed and the likelihood of ransomware, malware, and adware from being downloaded. 

Symantec found that 1 in 13 URL’s analyzed at the gateway were found to be malicious. In the event of an infection, some solutions can block the “payload” of malware and stop the infection from progressing.

In addition to reducing risks from phishing and ransomware, you can use Web Content Filtering to enforce your organization’s acceptable use policy. This allows you to prevent employees from going to websites that your company deems inappropriate or unfit for the workplace.

Patch Systems on a Timely Basis

Patching keeps machines running the most up-to-date operating system and software. While this may be difficult to accomplish, patching is something that needs to be done to 100% of the systems on your network. 

One of the great myths in computers today is the Zero Day threat; the vulnerability no one has seen before that will be used to take over your network. The vast majority of attacks succeed because of poor patching practices, with 70% of successful cyber attacks exploiting known vulnerabilities where patches were available. 

Keeping operating systems, anti-virus, and software all up to date is one of the best defenses against a cyber attack. Patches can be auto-scheduled to run daily, weekly or monthly based on production windows and device types. 

Add Anti-Virus Everywhere

Having Anti-Virus software deployed and updated on every system in the network is an important layer of defense. This will stop many different types of attacks from either infecting a system or, more importantly, spreading throughout your network. 

Since all devices and systems are susceptible to security breaches, it only makes sense that you should install Anti-Virus on everything. Anti-Virus detections of coinmining went up 8,500% in 2017. 

Since modern malware focuses more on taking your money and holding you ransom, actual computer viruses are less common these days. However, today’s Anti-Virus solutions fight off spyware, Trojans, rootkits, adware, ransomware and more.  

Segmentation of Admin Roles

Least Privilege is a rarely implemented but often discussed principle that states users should log on with an account that has the absolute minimum permissions necessary to complete the current task and nothing more. Doing so provides protection against malicious code and other attacks. 

The consequences of a network administrator unwittingly opening an email attachment that launches a virus provides that virus with access to everything under the administrator’s privileges. By using the least privileges necessary to read email or surf the web, the potential scope of the compromise is greatly reduced.

Since 63% of all network intrusions and data breaches are due to compromised user credentials, this extra layer of security can make a major difference if a criminal gains access to an admin account. 

Turn On Server and PC Firewalls


The days where all computers inside the network perimeter can be trusted are long gone. It is no longer necessary or advisable for all computers to have access to each other. The built-in Firewalls are designed to filter network data transmissions to and from your Windows systems and block harmful communications and/or the programs that are initiating them. 

Most servers and workstations have built-in Firewalls that add an extra layer of protection to your devices. In 2017 there were 1,579 publicly disclosed data breaches to businesses (up 44.7% from 2016).

Enabling firewalls can stop a wide-range of attacks and limit the spread of viruses and malware within the organization.

Implement Air Gap Backups

If your organization is infiltrated by a criminal they will try to delete your data backups if there is online access to the backup data files. There are a number of technologies that will create and store an air gapped backup of your organization’s data. 

Understanding the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) requirements for returning critical systems to an operational state will assist in selecting the correct technology for backup. 

Barkly found that 81% of IT professionals were confident that restoring from backup would produce full recovery, however only 42% of ransomware victims were able to recover all their data. Many sited that local, accessible backup drives had become encrypted. 

Implement SAN with Secure Snapshots

If you are using a Storage Area Network (SAN) to provide a high-performance network, then implementing secure Snapshots can be your last line of defense after a security breach. Since these Snapshots are not accessible by the native operating systems, they are generally overlooked by automated ransomware.  

These secure images of your virtual machines will allow you to restore critical systems more quickly and can potentially get your organization back up and running. 

Adding secure snapshots to your SAN provides the ability to revert your data to a specific period in time when the data was healthy. After a security incident has occurred, your snapshots may be the only way to recover parts of your data.