Sure, this seems obvious, but up to date really means now and not tomorrow. There were 24,610,126 unique malicious objects detected by Kaspersky’s web antivirus solution in 2019. Let that number sink in. Sometimes even large enterprises don’t put every patch in place as quickly as they should. Make sure your antivirus software is continuously updated to block every kind of attack, and include email scanning and filtering that can contain phishing attacks.
3. Know Your Network, Protect It Too
Make sure you have the tools you need to know what’s happening across your network. That includes tracking personal mobile devices that may offer hackers a backdoor into your network. Many of these devices lack the built-in security found on corporate machines.
Developers are also a favorite target for phishing attacks because they have admin access across multiple systems. Segmenting networks helps reduce risks by limiting and securing the number of admin accounts. Change your default passwords across all access points, too. You’d be surprised how many successful brute force attacks (where hackers use bots to hack passwords) are the result of enterprises failing to use strong passwords or change default passwords.
4. Put an Effective Backup and Disaster Response (DR) Plan in Place
Whether it’s a ransomware attack or a natural disaster, there’s no substitute for preparation. Establish a backup and business continuity strategy and plan that meets your recovery time objective (RTO) and recovery point objective (RPO), and make sure your backups follow the 3-2-2 backup rule, which you can read more about on our blog. An effective backup strategy is your best defense against the consequences of a disaster.
A comprehensive DR plan should address your inventory assets and services in addition to your data. You must also establish a disaster recovery team and define responsibilities and include a communications plan. You’ll find a checklist for IT disaster recovery planning here on our blog.
Whether your enterprise is large or small, the damage done by a successful attack can be painfully destructive. The best offense is a good defense, and solid planning and preparation. Make sure your DR plan is up to date and your backup strategy is bulletproof. Then, when disaster strikes, you’ll know exactly what to do.