So, what can you do to help protect your organization without breaking the bank?
Here are three things you can change about your cybersecurity posture with minimal to no cost. While these adjustments are standard best practices, you will have to get used to the behavioral changes internally (this is in the best interest of your organization, and for your protection!)…
Implement Group Policy Objects (GPOs)
Administered by your IT team or managed service provider (MSP), Group Policy is a hierarchical infrastructure that allows a network administrator in charge of Microsoft's Active Directory to implement specific configurations for users and computers. Group Policy can also be used to define user, security and networking policies at the machine level. Here are a few recommended policies to get you started…
- Control your data by creating a file folder structure, set with proper authorizations/permissions
- Protect your data and your users by enforcing password resets every 90-120 days
By standardizing and automating policies, you have a stronger defense to protect and isolate your network.
Create complex password configurations
As explained above, regular password updates are essential to keeping your network secure; however, that’s not all you should be doing… Establishing complex password configurations also helps mitigate the chances of a brute-force attack on your network and/or workstations. So, starting with enforced password changes (every 90-120 days), create an even stronger password policy by adding two or more of the following conditions…
- Alpha-numeric (letters and numbers)
- Upper and lower-case letters
- Minimum eight (8) character use
- Special characters such as: !@#$%^&*()
Just to be clear, these suggestions should be your bare-minimum requirements. For more complex password policy recommendations, like two-factor authentication et. al., be sure to reach out to your IT provider for help with implementation.
Install firewall protection (security gateway appliance)
While “firewall” is a relatively familiar term across organizations, the policies put in place behind them may not be… Here’s a couple things to consider when setting your configurations to reduce the risk of unauthorized traffic…
- Set your configurations for spam filtering. Some of these may include:
- Flagging emails with too many special characters or links
- Blocking emails where the sender’s address don’t match the sender’s name
- Creating and blocking a list of bad domains
- Replace your old firewall version. If your current version is three (or more) years old, it’s time to replace it—many aging pieces of equipment will begin to fail and thus increase risk and exposure. Plus, an older firewall version may also slow down your connectivity and reduce productivity.
Using a professional grade firewall such as SonicWall or pfSense ensures you have the best monitoring of email and communication traffic, both internally and externally.
Still feel unsafe?
Reach out to your current IT provider for help implementing these policies for your organization.