Quickly run through the following excerpt from A Practical Guide to Cyber Security for Small Businesses of 14 free (yes that’s right) basic zero-cost steps that will help you immediately improve the security of your business.
- Register all your business and personal email addresses for notification alerts at https://haveibeenpwned.com (don’t worry it’s free) to be warned if one of those addresses appears in an online database resulting from a data breach or hack.
- Consider changing your DNS settings to Quad9 (220.127.116.11) if you do not already filter your DNS.
- Disable Adobe Flash from running automatically in your web browsers.
- Remove Oracle Java and Microsoft Silverlight if you don’t need them.
- Run all users as standard users rather than as administrators in Windows.
- Educate your staff about the worst passwords of 2017 (www.teamsid.com/worst-passwords-2017-full-list) and to not use their year of birth as a phone PIN.
- In Microsoft Windows machines, make sure Show all File Name Extensions is enabled, so you can spot program files posing as documents like SOMETHING.DOC.EXE or SOMETHING.PDF.EXE as the last dot and 3-4 characters would normally be hidden.
- Make sure you pass the Anti-Malware Testing Standards Organization (AMTSO™) free Security Features Check at https://www.amtso.org/security-features-check/
- In Microsoft Windows machines, disable SMB v1 to prevent viruses similar to Wannacry from spreading within your network.
- Install Qualys BrowserCheck (https://browsercheck.qualys.com) for a security analysis of your browsers and plugins.
- Activate two-step authentication for your web domain name registrar account (GoDaddy, 123reg, etc)
- Test your firewall using the free ShieldsUP! service at www.grc.com and while you are there also download the free InSpectre utility (www.grc.com/inspectre.htm) to check whether you are protected from Meltdown and Spectre attacks.
- Scan computers with an online scanner at least once a month from a different antivirus company than the one you have installed (for example ESET, Kaspersky, Sophos, Trend Micro)
- Label up an emergency USB stick with a copy of Malwarebytes and the Sophos Virus Removal Tool.
NB – The book has a twenty point checklist
A Practical Guide to Cyber Security for Small Businesses will be released in September or October 2018. For information on our other information security products, check out our ISO/IEC 27001 product category.
About the Author:
Nick Ioannou is an IT professional, blogger, author and public speaker on cloud and security issues, with over 20 years’ corporate experience, including 15 years using cloud/hosted software as a service (SaaS) systems.
He started blogging in 2012 on free IT resources (http://nick-ioannou.com) currently with over 400+ posts. Author of Internet Security Fundamentals, contributing author of two Managing Cybersecurity Risk and the recently published Conquer The Web.
More free security advice and resources and information on how to contact Nick can be found at www.booleanlogical.com