From phishing to malware, cyber attacks to natural disasters, our networks are constantly under attack. Add in the additional complexity of increased remote work arrangements in the wake of the COVID-19 pandemic—as well as the strain on legacy systems—and it can be harder than ever to protect your networks around the clock.
However, with some proper planning and smart investments, your organization can take key steps to improve network security and build momentum for a strong cybersecurity program, no matter where and when your staff are working.
1. Leverage Multi-Factor Authentication (MFA)
In a time when more employees are working in remote locations, multi-factor authentication (MFA) can be a strong extra layer of network security.
MFA comes in a range of forms that meet your business and employee preferences. The authentication can include something you have (e.g., a keychain token or mobile phone) or something you are (e.g., a fingerprint, face scan, or other biometric key).
When used in combination with a username, password, and other network access management tools, like Clearpass, that can enforce consistent and granular security controls for those working remotely, your security team should have the extra support needed to stop and flag abnormal activity on your network.
2. Use an Intrusion Detection System (IDS)
Antivirus software is made to help your organization identify and guard against known malware and vulnerabilities coming into your network through email, external media like thumb drives, and downloads. These systems use what are called signatures—sequences of code that make up the viruses—to flag potential malware with new virus signatures added regularly. But these security controls do have their limits, especially against “zero day,” or new viruses, and more advanced techniques.
To protect against these advanced attacks, organizations are relying on intrusion detection system (IDS) tools. For example, some cyberthieves use documents or forms embedded with malicious macros, which are executable code, that hide within your existing workflows or network traffic and use the privileges assigned to the user running the local system.
In these cases, an IDS adds an extra layer of security to your network defenses by comparing “normal” patterns of network and application behavior over time and flagging your team when something is out of the ordinary, for instance, a macro running within a normally benign document editing application.
3. Expand Use of Data Loss Prevention (DLP)
If your organization is already leveraging firewalls and IDS tools, you can go one step further with a data loss prevention (DLP) tool. These security controls work by “sniffing” or scanning your host-related network traffic to make sure proprietary or sensitive data really is supposed to be leaving your system and distributed to others. If it isn’t, the application will block the traffic and flag the event.
4. Regularly Train and Refresh Your Staff
According to a Verizon study, 20 percent of cybersecurity incidents and 15 percent of data breaches involve employees, making your staff a key part in your network security. Therefore, in addition to implementing security tools, your organization needs to take the time to invest in and deliver regular cybersecurity awareness training.
This is especially important for employees in roles with access to sensitive information, such as finance, human resources, IT, executives, sales, and operations—or those that interact with them. Initiatives like security messaging campaigns, phishing simulations, and regular updates with best practices and how-to’s can be effective, if distributed creatively.
5. Use Anti-Phishing Tools
In the wake of the COVID-19 pandemic, phishing attacks on organizations have drastically increased. In fact, Google has identified more than 2 million phishing websites since the beginning of 2020, or a nearly 20 percent increase since 2019.
Give your staff and your network another tool to fight back against this form of attack with anti-phishing toolbars or plugins that can automatically scan traffic and content for web and email domains known to be related to phishing scams and alert the user or IT teams when there is suspect activity.
Let’s Get to Work
Although there is no 100 percent proven method to avoid attacks, tools and techniques like these can greatly reduce the risk and impact of an attack. Additionally, many of these tools cost less to implement and maintain, especially compared to the cost of potentially having to clean up a major cyber incident or data leak. If you would like another great tool to fight back against cyberattackers, download our free Cybersecurity Checklist for a deeper understanding of the state of your cybersecurity defenses and the next steps you can take to further lock down your network.
For even more help finding the right tools for your organization, as well as how you can boost your cybersecurity program for the cyberthreats that lie ahead, we welcome you to have a personalized meeting with a VectorUSA expert today.