A cyber attack is any offensive action that targets your employees, network and computer systems, and network infrastructure.  The main purposes of these attacks are to steal, alter, destroy data and information systems. 

1. Vulnerability Assessment – Conduct semi-annual vulnerability assessments to determine your company’s security posture. This assessment is a combination of a physical, technical, and administrative review of your network.
2. Email Protection – Immediately implement some type of email protection service. This would be a type of spam filter, link validator, and attachment scanner. This is critical as most attacks are generated by phishing emails.
3. Endpoint Security – Most importantly, advanced endpoint security. This software uses AI to inspect and protect your devices in Realtime. It is also referred to next generation antivirus.
4. Windows & Third Party Updates – Another critical element to implement. Most vulnerabilities come from unpatched systems. Just doing windows updates once in awhile is not good enough. Updates must be done not only on windows computers, but your hardware devices like switches, firewalls, and wireless access points as well.
5. Passwords – You must change your password at least every 30-45 days. This is probably the thing most people dislike, but it is simple to do, doesn’t cost you money and provides significant protection.
6. Hardware Firewall – If you don’t have a firewall in your business, you should get one right away.  It is equal to not having locks on the front door of your house.
7. Backup & Disaster Recovery – Make sure you have a solution to backup your data onsite and offsite. If a disaster happens, and they do happen, you will be able to protect and recover your data.
8. VPN / Encryption – If you have employees working remotely, like most of us now do, it is very important to make sure they are connecting using a VPN and some type of encryption.
9. MFA – Multi-Factor-Authentication – MFA is a bit of a hassle, but it ensures your accounts are protected. If someone attempts to log into one of your accounts, they will need a secondary code to gain access. Multi-layer account protection is definitely worth it.
10. Security Awareness Training – Educate your employees and you will add another level of protection to your company. The more they know how to spot a vulnerability or phishing email, the more protected you are and the number of vulnerabilities you will have. 

For more information on how you can protect your company, please visit the Managed IT Services and Managed IT Security Services pages of our website. Many companies in the Maryland, Virginia, and Washington, D.C. area trust us to provide them with our Cyber Security Services, we hope that you will too. To get started, just give us a call at 301-396-8455 or Contact us today.