2. Patch applications
All internet-facing software and apps need to be updated to the latest versions right away. The hackers behind the current threats are exploiting known vulnerabilities for which patches are already available. Updating your software will close known vulnerabilities off from hackers. Reliable app providers are prompt to act and provide ‘patches’ for known threats via software updates, so it’s always best practice to keep install the latest available updates within 48 hours of them becoming available.
3. Patch operating systems
Never use outdated or unsupported versions of your operating systems for your devices. Always ensure your smartphones, tablets and computers are operating with the latest version of their system installed. If a new operating system update arrives, be sure to download and install within 48 hours of it becoming available.
4. Application control
Effective application control will prevent unwanted malware – malicious software – from being able to open and operate on your network. If you have it correctly set up, only approved applications can run on your systems, so even if an employee unwittingly opens or tries to install malicious software, it will do no harm.
5. User application hardening
The ACSC recommends you configure your web browsers to block or better still uninstall Flash, ads and Java script on the internet. It’s also wise to disable any features you don’t need in Microsoft Office (e.g. OLE), web browsers and PDF viewers. That’s because these are popular ways hackers use to get malicious code onto your systems.
6. Block macros
Speaking of Microsoft Office, it’s recommended to configure Office to block macros from the internet. If you only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate you remove the risk of internet macros delivering and executing malicious code on your network.
7. Restrict admin privileges
ACSC describes your operating system and applications’ admin accounts as the ‘keys to the kingdom’ and rightly so! Your admin accounts have the most control and highest levels of access. That’s why it is vital to regularly evaluate the need for privileges and only provide access to those for whom it is essential.
8. Backup daily
Ransomware criminals rely on your need for your own files and data. If successful, they hold this information for ‘ransom’ and demand payment for its release. One way to mitigate risk of becoming prey to these cybercriminals is to conduct regular backups of your software and data files. Your backups should be stored off-site, for example with a reliable cloud storage provider, for at least three months. Some businesses find daily backups to be enough, however if you have a lot of new data applied to your systems throughout the day, it can be prudent to back-up your data even more frequently.
Receive a FREE Security Assessment
StormWarden is offering new customers a free security assessment including dark web scan, internal security audit and one free phishing testing assessment for your staff when you sign up for our MFA cybersecurity services. Download the MFA flyer here or get in touch to find out more about this offer.