One of the alarming trends of 2020 was the rise in cybercrime and online attacks. The pandemic caused a free-for-all on business and home networks as company data became accessible through both due to remote working.
53% of surveyed organizations say that phishing attacks increased since the beginning of the COVID-19 pandemic. Cybersecurity efforts for many Treasure Valley area businesses have also been challenged due to employees working from home.
20% of companies have reported experiencing a breach in 2020 due to a remote worker.
In 2021, IT security is going to be a major focus of business IT budgets. If you want to kick off your new year securely, read on for the areas you should focus on in the coming year to protect your data, devices, and network.
Remote Worker Security
Remote employees aren’t just going to go away once the pandemic has passed. Many businesses say they are going to keep some employees remote all the time.
Allowing employees to work from home has many benefits, such as improved productivity, lower costs, and higher morale. It also keeps companies protected should another major event happen that means they have to work outside their office.
But it also comes with security risk if home network security isn’t addressed properly. Some of the remote worker safeguards to consider in 2021 are:
- Business VPN for secure connections
- Network & PC monitoring for threats
- DNS and email filtering to protect against phishing
- Endpoint device management for pushing updates, monitoring data access, and more
Cloud Account Access Control
Credential theft has been rising along with the use of cloud technologies. Hackers often can’t get past the strong security of companies like Google or Microsoft, but if they can get a user’s password, they don’t have to. They can break into a Microsoft 365 or Google Workspace account and bypass security.
77% of cloud account breaches are due to compromised passwords.
An important area of focus for your cybersecurity this year is cloud account access control. This means putting systems in place that protect those passwords and keep hackers out even if they have breached one.
Some of the protections to consider are:
- Multi-factor authentication (MFA)
- Password manager
- Cloud account security broker (CASB)
Think about going beyond simple MFA and into things like location-based challenge questions. For example, with the right software you can have an additional challenge question asked to a user before granting access if they are logging in from an unexpected IP address.
Email Anti-Phishing Protections
Phishing skyrocketed due to the pandemic, and it continues to be the #1 method of attack for ransomware and other forms of malware as well as data breaches.
Email inboxes are on the front line when it comes to phishing attacks, so it’s important to use multiple layers of protection to help keep users safe.
Some of the email anti-phishing protections you can put in place include:
- Email authentication to stop email spoofing
- Email filtering for spam and phishing
- Microsoft 365 protections like Save Attachments and Safe Links
Mobile Device Security
Mobile devices now make up more of the endpoints on a company’s network than computers. But they’re often left less protected, especially if a company allows employees to use their own mobile devices for work.
Look at putting a mobile device management application in place this year, such as Microsoft Intune. This allows you to keep track of mobile device access to your data and keep those devices secure.
Some of the features of a mobile device manager include:
- Remotely manage updates and security patches
- Grant or revoke access to company accounts remotely
- Wipe or lock a lost or stolen device
- Keep company data from being inappropriately shared through automatic security policies
Data Backup & Recovery
Backup and recovery is an important part of cybersecurity because many attacks – such as ransomware – can result in a loss of data. A ransomware attack can cost twice as much if you don’t have a data backup and have to pay the ransom to the attacker.
With data now spread out over multiple devices and locations, it’s more important than ever to have a unified backup plan that includes all your files, wherever they may be located.
You want to put in place a data backup strategy that covers data contained in:
- Computers & laptops
- Servers & network-attached storage
- Cloud accounts (Microsoft 365, Dropbox, etc.)
- IoT devices that contain data
Using a cloud backup strategy is the safest method because it allows your data to be accessible and recoverable from any location and protects your data in case of damage to your office.
Let’s Plan Your 2021 Cybersecurity Strategy Today!
Connect2Geek has multiple solutions to help ensure your data, devices, and network are well protected in 2021 and beyond.
Schedule your free consultation to learn more today! Call 208-468-4323 or reach out online.