Businesses big or small know that their most important assets are their digital assets.
Cybersecurity threats are becoming increasingly common, targeting organizations of all sizes and industries.
Cybersecurity is not solely the concern of large enterprises and government, with about half of all cyber-attacks targeting small businesses. Most owners corporations and company title properties are run as small to medium-sized businesses.
We have been provided with some tips on how to secure our small business, including recommendations from the ASD’s Essential 8, and suggestions from our IT partner who authored this article.
Why Cyber Security Matters for Small Businesses
Cybercriminals target businesses without discrimination as to size. Often small businesses are easier targets because they have limited resources and are frequently lax when it comes to security controls.
The consequences of a cyber-attack can be devastating, leading to financial loss, damaged reputation, and even the closure of the business.
Implementing the ASD Essential 8
The ASD Essential 8 is a set of security controls developed by the Australian Signals Directorate (ASD), which are oriented toward small business with a predominantly Microsoft Windows ecosystem.
The Essential 8
Here’s a brief overview of how we implemented each of the Essential 8:
- Application whitelisting:
Using Windows native tools to collect a baseline of our required applications, and then disallowing anything that varies from that baseline, has allowed us to ensure that only approved software can run in our core environment.
- Patch applications:
The use of automated patching tools allows deployment of patches quickly after they are released. Regular reviews of the patching tools and reporting of this by our IT partner ensures there is human oversight to address any errors that may arise or withhold any specific patches that are shown to cause problems.
- Configure Microsoft Office macro settings:
Restricting the circumstances under which Office macros can be executed protects the system from malicious Office documents that may masquerade as authentic files.
- User application hardening:
By following the CIS benchmarks for application and web browser hardening, we can disable unnecessary functions that may be exploited by malicious websites.
- Restrict administrative privileges:
Limit the number of users with administrative access to your systems, and restrict access to sensitive information to only those staff/people who require it.
- Patch operating systems:
Leveraging automated patching tools and the same reporting process as our application patching routine, we keep our operating systems up to date with the latest security fixes.
- Multi-factor authentication:
Implement multi-factor authentication for access to any system accessible online, including email.
- Daily backups:
Perform daily backups of important data and store them securely, on a system which is not accessible from the rest of your network. The backup system uses a separate set of credentials, which are not shared with any other element of the IT system. This helps to keep your backups separated from your daily operations.
Enhancing Security with Additional Measures
In addition to the Essential 8, we worked with our IT partner to implement further security measures to bolster our defences:
- Endpoint Detection and Response (EDR) system:
Our IT partner implemented an EDR system with centralised logging and alerting. This ensures we are notified quickly in the event of malicious activity being detected. Regular reporting from our IT partner ensures we are kept apprised of regular occurrences.
- Vulnerability management program:
Our IT partner helped us develop a vulnerability management program to identify, prioritise, and address potential security weaknesses in our systems. Regular reporting and remediation targets ensure detections are actioned in a timely manner.
- Phishing awareness campaigns:
Recognizing that our employees are our first line of defence, we partnered with our IT provider to conduct phishing awareness campaigns. These campaigns help educate our staff on how to recognise and report phishing emails, reducing the likelihood of falling victim to such attacks.
The Benefits of a Comprehensive Cyber Security Strategy
Since implementing these security measures, we have gained numerous benefits:
- Reduced risk of cyber-attacks:
By following industry best practices and continuously improving our security posture, we have significantly reduced the likelihood of falling victim to cyber-attacks.
- Enhanced data protection:
With our strengthened security measures in place, we can better protect our business data and customer information, ensuring that we maintain trust.
- Improved business continuity:
By regularly backing up our data and having best practice security controls in place, we can recover more quickly from any IT incident (cybersecurity related or otherwise).
Our journey to a more secure IT system has been both challenging and rewarding. By implementing the security measures outlined in this post, we have improved our security posture and reduced our risk of cyber-attacks.
We encourage other small businesses to take cybersecurity seriously and consider reviewing their own security measures, with a view to protecting themselves against this growing threat.