Q. Does your company use enterprise level software?
Q. Does your company have any part of its IT infrastructure outsourced?
Q. Does your organization’s IT security vendors also responsible for the deployment of the same?
Q. Is the company still dependant on legacy OSs and software?
If you answered any of the above questions as “Yes”, well, then you are indeed living dangerously
. You should be worried.
Let me elaborate.
We are all surrounded by digital devices and systems in our personal and professional lives. So much so that its hard to imagine a life without them and the conveniences that they bring along. Anyone who has ever come across an ATM with an “Out of Order” notice knows what I am talking about here. With so much of our lives existing in digital formats, it’s not a surprise that there are criminals and criminal organizations that dedicate themselves to gaining access and taking control of our digital lives.
Organizations and businesses have also gained a lot from the digital age. How? I am not going to touch base about it because as an individual reading this in 2018 (and onwards) you are already aware of the why and how businesses have benefitted and evolved in this digital age. That being said, businesses today are targeted specifically for their dependency on digital infrastructure (by criminal and/or state-sponsored entities
) Cost businesses billions of dollars every year.
It is highly unlikely that an organization can be made bullet-proof against cyber attacks, thanks to zero-day vulnerabilities
, but we can drastically reduce the attack surface
and enact protocols that ensure quick recovery from inevitable breaches
. Here are a few things that you can, as an organization, do to improve your security posture towards threats.
Patch your softwares
IT systems are expensive to deploy and are a cost to maintain for any organization. Having said that, the costs for having unsupported and unsecured systems can be exponentially more
. Audit the operating systems and software that are in use, make sure they are updated with the latest patches. Where updating is no longer supported by the OEM, upgrade
. If you have a vendor that you have an AMC with, or different vendors that cover enterprise software like ERPs, CRMs and hardware separately make sure that patches and updates are a part of it
. If they aren't, refresh the contract and add new clauses. This is a simple and absolutely necessary step towards “tightening” of your IT security.
Secure Your Website/s
Your website is your online Identity, having it attacked, taken control of and defaced is one of the most embarrassing
thing that can happen to you.
The latter isn’t the only thing that an attacker can do. In another scenario, your site can be compromised and be installed with script which will in turn try and infect visitors to your website
. Your customers, prospects and even your employees can be among the aforementioned visitors. The damage spread from here can is quite imaginable from here. As a protection make sure you are hosted with a reliable service provider
like Bluehost and Siteground. Ask your web development vendor to carry out a security audit on the server and the
web site code to harden it against attacks
. If your website is hosted on Wordpress is, install security plugins like WordFence and configure it properly
(the next point will cover this in more detail). Make sure that your themes and your plugins are up-to-date.
These steps seem easy and simple but they really are the fundamental and most important step towards the health of your online reputation.
Don’t have a “set it and forget it” mentality
So you are a somewhat aware business leader/manager and you have sanctioned the purchase of that state of art firewall. Ask yourself, who will deploy and configure the product? The vendor? A non-specialised internal IT staff? The answer to this question is critical. The vendor knows only their property and the internal IT staffer may not be qualified to “properly configure” the hardware
. This means, that you now have spent big bucks for an expensive piece of hardware, but are unable to get the full range of protection offered by it. The point here is that you should not, under any circumstance, underestimate the need for professional services to
optimize your digital security devices.
Yes, this is an added cost and yes, your accountant may not like it, there is even a possibility that some egos in the company may get bruised, but this is of critical importance. Security Service Integrators have the specialization and expertise, this coupled with your state of the art hardware will
ensure that your investment will give you the most bang out of it.
Set right expectations from the system/s
The shiny new system is in place and now you are excited to go and see all the capabilities that it can offer. You activate all features and notifications in a short period of time you are drowned by a torrent of notifications of all sorts and you/your staff is still on the learning curve. This scenario not only send your team chasing unimportant events, wasting precious time, but such situations can easily suppress notifications of critical importance. You can avoid such situations by setting the right expectations for the stakeholders
. Right expectations can be defined as what functionality to expect and the frequency of reports and notifications. Also, band event together in terms of severity and set notifications accordingly.
Where ever possible, arrange for internal as well an internal training for gaining some level of internal expertise in setting and configuration of
All these steps coupled with an awareness of the IT environment can help you and your company to substantially mitigate today’s digital threats.
Thank you for reading so far. A quick word about us. Evomatiq Business Solutions LLC is a lithe and boutique Enterprise Software Solutions provider
based out of Dubai, UAE. Evomatiq specializes in consulting businesses towards finding the right software solution fit
and eventually with its implementation. A registered Sage Partner, Evomatiq is dedicated to
provide products and services with complete transparency and reliability
Get a Complimentary Breakthrough Session