Make Cybersecurity Part of Your Plan for 2020
According to industry research, in the first half of 2019 organizations experienced more than 3,800 publicly disclosed breaches exposing 4.1 billion compromised records. Unfortunately, organizations historically have only utilized a tiny fraction, if any, of their total technology budget allocated towards cybersecurity. Simply put, the threats are growing more sophisticated and more targeted every year, yet many organizations are not keeping up. An unfortunate truth is that it is no longer a matter of when a breach will occur, but when – and how much damage will be caused before it is stopped.
While it might seem like a losing battle, a few steps can greatly improve your security posture and potentially deflect incoming risks elsewhere. While nothing is guaranteed, by implementing these initiatives, you can greatly improve your defense.
Recommendation 1: Use Multi-Factor Authentication (MFA)
This is easily explained as “Something you know (a password) + Something you have (your physical smartphone) + Something you are (like a fingerprint or voice identification)”. Simply put, passwords are not enough. People have too many passwords to remember so they revert to bad habits and use the same password for different accounts, or at least the same pattern of a password. Oftentimes, when passwords are exposed in a data breach or if a hacker tricks someone into giving up their information, it is quickly tested against many other websites or social applications and sometimes even the person’s organizational accounts. MFA greatly reduces this risk. Even if a bad actor (the technical term for a hacker) has a user’s password, they will not be able to log into these other accounts.
This basically works by requiring the user to enter a second form of authentication/verification. This may be a random code on your phone or a text message with a code sent to your phone. Once you enter your password for the MFA-enabled account, the next step is to enter a randomly generated number displayed on your favorite MFA app.
The rule of thumb – if it is connected to the Internet and has data you want to protect, it should have MFA enabled.
Recommendation 2: Close Open RDP Ports
Now, this one gets a bit technical, but it is critical. Possibly the easiest way into any network, once you know the password, is to take advantage of open RDP (Remote Desktop Protocol) ports. RDP ports can allow a person to take remote control over a computer and use it to do very bad things throughout the network. Many computers are set up to allow these ports by default (often the default port of 3389). IT administrators will typically change the default port of RDP to a random number to harden the remote systems. Opening an RDP port is the equivalent of opening a window at your home but locking the front door. Bad actors are constantly scanning the Internet for open RDP ports. When they find one, they will test passwords until they get in – it is only a matter of time.
The best course of action is to close off ALL open RDP ports and require the use of a VPN (Virtual Private Network). If you are unsure if your business has open RDP ports, please talk with your IT professional right away.
Recommendation 3: Utilize Air-Gapped Backups
Often bad actors will target and destroy backups as part of a breach. Having good backups is critical, but you must keep a backup of your data offsite/offline. Air-gapped backups are backups you have stored on a computer or drive that is not physically connected to the Internet. Typically, this involves utilizing a portable hard drive, backup tapes, or other physical media that you 100% control. It is nearly impossible to compromise air-gapped backups unless the bad actor physically has control of the backups.
What about cloud backups? Cloud backups are more resilient than air-gapped backups against human error but are ultimately still physically “out of your control”. The right answer? Use both cloud and air-gapped backups for maximum protection and security.
Summary
The team at Element Technologies frequently assists organizations and high-net-worth individuals who have been victims of cybercrimes. We feel with a high degree of confidence that utilizing these three steps will prevent a vast majority of those attacks. Help protect your personal and organization’s valuable data by implementing these recommendations and reduce your risk. Make 2020 a year to focus on your organization’s overall success by allocating funds to protect your company and its assets.
If you have questions or would like to learn more about developing a cybersecurity plan, contact Jeff Alluri at jalluri@ele-ment.com or Craig Sixta at csixta@ele-ment.com.