In this post we are dealing with the biggest risk for a SMB. Often when we sit down with clients to discuss projects or roadmaps for their business we cover off on what their risks are. Traditionally that has included issues such as hardware failure, electricity outages, data corruption etc.
These days we find ourselves dealing with the biggest risk for a SMB: the growing risk of cyberattack.
The two main objectives of cyber attack are
(i) encrypt your data and hold you to ransom
(ii) steal your customer data
In a similar way to finding solutions to hardware failures and electricity outages, we need to find solutions to cyber attack.
Ours is a dual approach…
- increase your defences
- have a proven recovery process
I am assuming that you already have strong passwords, antivirus/antimalware, VPNs, multifactor (MFA), server and device patch updates and other basic level security in place. If you don’t then you need to get that fixed now.
Increase your defences: you can increase your defences by doing a combination of the following
- end user training (most cyber attacks exploit human behaviour)
- centralised control of what websites your users can get to (it is simple to keep them away from known infected sites)
- mobile device management [MDM] (365 and G-Suite have built-in MDM)
Proven recovery process: just backing up is not enough. A lot of sites backup to external USB HDDs which are then rotated offsite. Did you know that hackers actively encrypt the backups before they encrypt your servers? That means that you won’t have a backup system to fall back on.
It is critical to have a proven recovery process that fully restores the system backup that is kept OFFLINE. An offline backup system is kept away from and disconnected from your production IT systems so that the hackers cannot encrypt the backup. An example of an offline backup system that is out of reach to hackers is Roshtech’s cloud backup system.
The recovery process needs to be simulated every 6 months and you should receive a report that outlines the outcomes.
All of the above is carried out as part of a Roshtech managed IT service for our customers. If you don’t have a rock solid plan for how to deal with cyberattack the you should talk to Roshtech on 1300666040 to discuss your options.
*Special note: why is it that you hear a lot of warnings about cyberattack but you don’t necessarily hear a lot about local businesses being attacked?
Answer: local businesses simply won’t publish that they have been the victim of cyberattack because is damages their reputation. We see a lot of cyberattacks first-hand and it is definitely not the sort of event that a business wants to have disclosed in the media or elsewhere as it would have a disastrous effect on their brand.