Posted 22nd June 2019
Many centuries before computers had been invented Benjamin Franklin famously said: “If you fail to plan, you are planning to fail”. We spend our lives preparing, checking our tyre pressures before setting out on a long journey, making sure we have travel insurance, knowing when the last train is after an evening in the West End. The reason we do this is because we know what happens if we suffer a puncture with no roadside assistance cover, how much a hospital bill abroad can cost, and that being stranded far from home is an unattractive option. So, it makes sense to plan our company IT strategies in much the same way.
Making up your IT strategy as you go along is potentially, sorry make that definitely, detrimental to your business. Aside from risking the very likely possibility of a malware or hacking attack, you also put yourself at risk of costly downtime and data loss. Every organisation, no matter how large or small, needs to have a strategy in place to protect themselves from data disasters.
Disaster recovery is just that, it’s a backup system or plan that can restore your servers and data should it be hacked, fail, locked down using ransomware, fire, flood, theft amongst many scenarios. Without a functioning disaster recovery system, backed up to a remote server, you could find that your network, files and system could be lost forever.
We don’t like to scaremonger but think about how much value you put on the files held within your network. Could your business function effectively if your team was unable to use computers or other devices? LP Networks back up our clients’ systems every day, ensuring that, if the worst happens, their systems can be restored with a minimal loss of downtime.
Patch management is vital to any IT security plan. Patches are pieces of code that need to be installed to ensure that software and hardware remains secure and works effectively. This includes firewalls, anti-viruses, devices and the software you use daily. Not updating patches can have detrimental consequences. This was shown in 2017 when the Wannacry virus locked 75,000 computers in the space of 24 hours (rising to over 300,000 affected machines), most notably bringing the NHS to a standstill. This disaster could have been easily diverted by the installation of a simple patch update.
We would pass this advice on recently garnered at a security conference from an ex-FBI agent, “It’s not an ‘I’ll get to it next week’ task, it’s a ‘drop everything and do it now’ task”, Windows vulnerabilities are turning into Exploits within days now.
The way we share data has dramatically changed alongside our increased reliance on technology and the amount of data shared has also increased. With this increase comes a greater chance of information failures and data breaches, and alongside that comes the threat of fines from the ICO.
Creating a proper IT strategy is the only way to ensure that all your bases are covered and going one step further and contracting an outside provider means that you can avoid the headache of making sure that you are legally compliant. Please remember being compliant does not necessarily mean you’re cybersecure (or vice versa), this is not just a box-ticking exercise, it’s a change in attitude to the way we approach security.
We’ve already mentioned that managing your patches will keep your operating systems, anti-virus and firewall software working properly, but ensuring that your cyber-protection is up to date and fit for purpose is also equally as important.
Perimeter security is constantly evolving and can now monitor not only outside threats but also potential threats from inside your organisation. With the increased use of devices such as tablets and phones to remotely access cloud-based networks, sometimes a simple anti-virus or firewall can now be considered ineffective.
Outsourcing your cyber security means that you can rest assured that there is a team checking on your system 24/7 and that all of your endpoints are protected.
Your system is only as secure as the people who have access to it and managing your security configurations can make a huge difference to your overall network security. Who has access to your important documents and files? Do ex-members of your team still have access? Do you audit what is happening on your network?
You can have the most complex and up to date perimeter security and encryption in place, but if people who stopped working for you a year ago can still access your system, you may as well leave the front door to your business wide open.
If you'd like to chat about your IT strategy (or lack of one) get in touch today.