- Ensure that all computers and laptops are all standard company build. Applications should only be necessary for work which means that no personal applications can be downloaded, such as Spotify or Instagram. As well as this, any new devices must be wiped/formatted from ‘Bloatware’ which is pre-installed software on the devices. Otherwise, there would have to be maintained, and they could become a security risk.
- Use robust and modern antivirus software. Antivirus software must be intelligent enough to handle modern-day risks and threats such as ransomware. Make sure any antivirus software used is ‘next generation. We recommend Sophos Intercept X Advanced.
- Filter websites that are visited. Many people can accidentally click on websites with malware on without knowing it. This malware can then infect the device. DNS filtering service quad9 is easy to use, protects against malicious websites, and is free.
- Regularly update devices. Try and update any laptops or computers as soon as the update is available, as outdated systems are more susceptible to cyber-attacks.
- Enable BitLocker on all devices. This encrypts your computer hard drive so hackers cannot access it if they were to attempt to hack into your device. This is free with Windows 10 and Windows 11.
- Provide everyone in the business with a business-grade password manager. This will ensure that anyone with access to data has secure passwords rather than simple passwords that are easy for hackers to guess.
- Provide cyber awareness training to those in your company. Most people don’t have adequate education on this and are more at risk of falling victim to a cyber-attack. KnowBe4 is an excellent website that assists in training cyber security.
- Make an audit of all cloud applications, such as Microsoft 365 and Dropbox, and look through them to see which ones have Multifactor Authentication. Enable it on every available cloud application if it is not already done.
- Ensure there is an independent backup. Cloud applications are not wholly responsible for data, so you must have your own storage in case the system goes down or gets hacked.
- Put your business through the Cyber Essential Scheme. This will provide the basic protection from cyber-attacks that your business will need. More information on this is available on our blog Here and YouTube Here.
- Put your business through Penetration Testing very 12 months. This will test your network for any vulnerabilities. For more information, look at our blog here or YouTube video here