Information Security
My email account has been compromised, What can I do?
If you can still access your account, change your password. Make the password different to anything you’ve used in the past. Change your security question and turn on two step verification as an extra measure of security. If you cannot login, contact your email service provider and perform necessary steps to get back in.
What is social engineering?
Social engineering involves an individual manipulating another person into performing actions or revealing confidential information that includes your credentials, financial, business and personal information.
Why is cyber security important?
Online criminal activity is on the rise, and with costs estimates up to £34 billion to UK firms from cyber-attacks, cyber security is the need of the hour. As every business function is inter-related with IT, protecting the assets from cyber-attacks is essential to keep the business operational. Cyber events can cause huge losses to a business like yours including financial, personal data, reputational, recovery costs from incidents and costs from legal fines. Thus, it is important to adhere with cyber security policies and to have appropriate security controls.
Why are cyber security breaches bad?
A cyber security breach can be devastating to a business in many ways. A cyber breach can result in financial losses (recovery costs, legal fines and fees), loss of personal, confidential or business information and reputational loss. SMEs are increasingly becoming the target for cyber-attacks and a data breach can cripple your business if proper preventive measures are not in place.
What makes a strong password?
A strong password is one which is not easily guessable for an unauthorised user, and should never be told to anyone. A strong password would be of considerable length (long ones are preferred but must be memorable), contains a mix of alphabets, numbers and special characters. Eg:1AmC00!
What makes a weak password?
A weak password is one which is easily guessable by an outsider, allowing them access to a system they’re not authorised of. They may be small common phrases or dictionary words. Eg: Password123
What is a social networking website?
A social networking website is a website which allows users to communicate with peers, and post content such as text, images and videos. People can create their user profiles on these sites and interact with others who share similar backgrounds, personal or career interests and activities. An example is Facebook.
What is information access management, and why is it important?
Information access management involves defining who has access to certain information, and who doesn’t. This is often defined by different levels of information access to individuals or a group. Information access management is important to ensure that only the right users have access to right resources they need within the context and denying the access to unauthorised users.
What is remote access?
Remote access is the ability to access a network, computer or any other device from an off-site remote location. It allows users to access, control, manage and modify files or data in the remote device.
What is the Cloud?
Cloud computing allows a user to access files and programs using the internet, rather than storing the data on your hard drive (where data is usually stored). It facilitates on-demand availability of data storage services, servers, software, networking and other services over the internet.
What is Penetration testing?
Penetration testing (also known as a “pentest”) involves simulating an attack on a system to assess its resilience and to evaluate its security. Pentests are used to uncover weaknesses like exploitable vulnerabilities and threats in a system, application or a network. It also determines the robustness of security controls that are deployed in the organisation.
What is malware?
Malware is a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network. Cybercriminals typically use it to extract data that they can leverage over victims for financial gain.
How do I prevent malware from getting onto my computers?
According to the government’s 10 Steps to Cyber Security, you should follow these steps:
1) Developing and documenting anti-malware policies
2)Adhering to removable media policy
3) Install firewalls and antivirus software
4)Beware of phishing emails that could carry malware as attachments or clickable links
5)Provide employee awareness training to educate them on best practices
How to I manage removable media like USB storage devices?
Removable media can store and transfer a lot of data and information which may be sensitive or confidential, meaning it creates many more risks for a business including loss of information, introducing malware to the systems and reputational damage after an incident.
These risks can be managed by taking the following measures:
1) Create and document removable media policies
2) Limiting the use of removable media – deny access to media ports by default
3) Scan for malware before using removable media
4) Encrypt the information held on the media if possible
5) Store the media securely to prevent from theft/losing
6) Dispose media adhering to disposal policy
How do I securely configure my devices like laptops and servers?
Secure configuration refers to those measures that are implemented in devices and systems to reduce vulnerabilities. Systems with inadequate management of secure configuration are vulnerable to cyber-attacks and will likely result in breaches. The cyber risks you will face will likely include exploitation of bugs in unpatched/not updated systems and exploitation of user privileges
These could be managed by:
1) Using vendor supported software and the right versions
2) Patching/Updating software/browser/system frequently and keeping them up to date
3) Regularly conduct vulnerability scans
4) Disable unnecessary peripherals/media, uninstall old software
5) Limit user privileges
6) Use strong and unique passwords
Staff are now working from home more and more. How do I secure my company with home or remote workers?
Home and mobile working although offers numerous benefits for employees and employers, it also presents several new risks to an organisation which may include: Loss/theft of devices, vulnerability of being observed or looked when working from a public space, loss of credentials and tampering of devices or information.
These risks can be managed by:
1) Establishing a work from home and mobile device policy
2) Ensuring basic security controls like strong passwords are in-place
3) Adhere to the same corporate policies while working from home and add in compliance checks
What are the 10 Steps to Cyber Security?
The 10 Steps to Cyber Security are guidelines from the Government on the steps businesses should take to protect themselves against cyber threats.
Home and Mobile Working
Develop a mobile working policy and train staff to adhere to it. Apply a secure baseline build to all devices. Protect data both in transit & at rest.
User Education & Awareness
Produce user security policies covering acceptable & secure use of the organisation’s systems. Establish a staff training programme. Maintain user awareness of cyber risks.
Incident Management
Establish an incident response & disaster recovery capability. Produce & test incident management plans. Provide specialist training to the incident management team. Report criminal incidents to law enforcement.
Information Risk Management Regime
Establish an effective governance structure and determine your risk appetite- just like you would for any other risk. Maintain the Board’s/ Senior management’s engagement with the cyber risk. Produce supporting information risk management policies.
Managing User Privileges
Establish account management processes & limit the number of privileged accounts. Limit user privileges & monitor user activity. Control access to activity & audit logs.
Removable Media Controls
Produce a policy to control all access to removable media. Limit media types & use. Scan all media for malware before importing on to corporate system.
Monitoring
Establish a monitoring strategy & produce supporting policies. Continuously monitor all ICT systems & networks. Analyse logs for unusual activity that could indicate an attack.
Secure Configuration
Apply security patches & ensure that the secure configuration of all ICT systems is maintained. Create a system inventory & define a baseline build for all ICT devices.
Malware Protection
Produce relevant policy & establish anti-malware defences that are applicable & relevant to all business areas. Scan for malware across the organisation.
Network Security
Protect your networks against external and internal attack. Manage the network perimeter. Filter out unauthorised access & malicious content. Monitor & test security controls.
How should I train and raise security awareness in my company?
All staff members and directors should be aware of their personal security responsibilities and follow set company policies. Training and awareness programs should be delivered systematically to nurture a security-conscious culture.
This can be developed by:
1) Establishing user security policies which includes user access policy, leaving policy etc
2) Conduct staff induction programs for new joiners/users
3) Provide refresher trainings regularly to ensure they are aware of the risks faced by your company
How can I manage user privileges?
Users of an IT system should only be allowed access to information and have privileges required to do their job. Inefficient management of user privileges can introduce several risks to the organisation including
⦁ Misuse of the privileges which may result in unauthorised access to information,
⦁ Attackers gaining access to more than one accounts from a privileged account
⦁ Attacker being able to negate the deployed security controls from a privileged account
These risks can be handled by:
1) Establishing access control policies which defines the level of access each one has
2) Limiting user privileges and authorising them for only what they need
3) Monitor user activity and set up alerts
4) Use strong passwords adhering to your password policy
How can I secure my network?
There are steps that you can follow to minimise your risks within any network. These include:
1) Managing network traffic, access to ports and setting up firewalls
2) Secure internal network by setting up strong Wi-Fi controls
3)Segregate different networks and monitor them using network intrusion detection and prevention systems.
How can I keep my online banking safe?
Here are some hints and tips on how you can keep your bank account safe from fraudsters:
⦁ Never login your bank accounts using a public wi-fi
⦁ Never save your login details on your computer or mobile devices
⦁ Use strong, unique passwords and multi-factor authentication where you can validate a code send when you try to login
⦁ Monitor your banking account regularly and report any unusual events immediately
Can I use online banking on my phone? Is it safe?
Online banking on mobile devices, otherwise known as mobile banking, can be safe as long as the following precautions are taken:
⦁ Use strong, unique passwords and multi-factor authentication where you can validate a code send when you try to login
⦁ Do not use mobile browsers to perform online banking. Try to use the dedicated applications of the corresponding banks
⦁ Keep your phone protected with passwords/pin
⦁ Never login your bank accounts using a public wi-fi
⦁ Monitor your banking account regularly and report any unusual events immediately