Top 9 IT Security Measures You Must Address as a Startup
Congratulations, you’ve put the time, sweat, brains and energy into your vision, defied the odds, and have founded a startup.
82% of successful business owners did not doubt their ability or qualifications when they started their business. Chances are you too have that kind of confidence in your abilities to lead if you’re reading this. Now you face the next startup challenge – being in the 10% of startups that survive. You likely have the mindset, confidence, and skill stack to make it – but you also need the right tools, people, and systems.
There are a lot of moving parts to running a successful company. It’s easy to overlook critical areas, especially in the beginning. One of the most overlooked areas, which can result in disaster is security. Securing a company network is a completely different animal than securing a few devices but can be successfully accomplished with the right tools and know how.
Data security is a must for all companies from startups to enterprise size. Verizon’s 2020 Data Breach Investigations Report looked at 81 contributing organizations and confirmed 3,950 breaches. The report showed that 70% of breaches in 2020 were caused from outsiders, and 86% were financially motivated. Ransomware now accounts for nearly 30% of Malware incidents, and 18% of the organizations studied blocked at least one piece of ransomware. Attacks on web apps accounted for 43% of breaches, more than double the results of 2019. Personal data was involved in 58% of breaches, again, nearly twice the number from 2019.
With the clearly increasing trend in cybersecurity attacks and breaches, businesses and organizations must tighten up their security efforts to maintain credibility and protect their valuable assets and customers. In this article, we’ll take a look at the top 9 IT security measures you must address to ensure a safe and secure network in 2020 and beyond.
1. Hard Disk Encryption
Are all of your in-house and remote devices properly encrypted? Hard disk encryption places an exterior guard on the internal contents of computers and devices. Whether your team members are using Windows PCs, Macs, or mobile devices it’s crucial that these computers are encrypted especially in cases where they’re stolen or lost. For Windows, Bitlocker is the native hard disk encryption and is easy to implement. On Macs FileVault is a trusted safeguard.
2. Multi-Factor Authentication
Does your company use G Suite or Office 365? Multi-factor authentication is the single most effective control to safeguard a startup against remote attacks. When implemented correctly, it can prevent cybercriminals from gaining access into your organization, even when credentials become compromised. Making multi-factor authentication mandatory for G Suite, Microsoft 365, and any other cloud application you’re using is an absolute must.
3. Endpoint Protection
Cybercriminals are experts at finding sneaky ways to breach networks. Any device, like a smartphone, tablet, or laptop, provides entry points for security breaches. Endpoint security secures all endpoints connecting to a network to block access attempts from outsiders. Endpoint detection and response antivirus/antimalware is a must now more than ever with remote team members working from home. SentinelOne and Cylance are two of the best EDR solutions and both are compatible with Macs and Windows.
4. Browser Protection
Did you know 85% of ransomware and other breaches are a result of users clicking on malicious links vie email or a website? With today’s remote workforce your team is more vulnerable to security breaches than ever before. Only a proven DNS and web filtering solution like Cisco Umbrella can consistently block malicious links from reaching your team member’s computers. Umbrella is a cloud-delivered security solution that extends protection to devices and remote users in any location.
5. Patch Management
Hackers keep on top of patch software patch releases and so should you. Software patches and updates prevent your software and systems from bugs, malware, and backdoor security breaches. Both Apple and Microsoft release patch updates to remedy vulnerabilities in their operating systems. 3rd party solutions such as Zoom, Firefox, Chrome, Adobe, etc. also are constantly releasing patches. It’s important that these patches are applied when released, and that you have a reliable system in place to manage and tracks patches for OS and 3rd party software.
6. G Suite and Microsoft 365 Backups
Just because you’re using cloud applications, it doesn’t mean you’re getting the backups you need. Many companies make the mistake of thinking that because their email, contacts, calendars, file storage, and other collaboration tools are in the cloud that their data is safe and there is no need to backup this data. However, both G Suite and Microsoft 365 go down all the time and there have been reports of lost data with no way to retrieve the missing files or emails. A solution like Datto SaaS Protection will back up your Microsoft 365 and G Suite 3 times each day, can assigned an entire profile to another user, and backs up infinite versions.
7. Dark Web Breach Monitoring
The Dark web is notorious as a marketplace for drugs, pornography, weapons and other illegal items. But to the surprise of many it’s also the top marketplace for stolen passwords and credentials. Dark web monitoring is an identity theft prevention solution that allows you to monitor identity information on the dark web and get notifications if that information is found online. You can monitor if any of your team members’ emails and passwords are posted for sale or have been sold and take action before further damage occurs.
8. User Security Awareness Training and Simulated Phishing
An aware and well-trained staff is your greatest defense against security breaches. Studies show that security awareness training and certification reduces phishing susceptibility by 75%. Random and realistic phishing exercises are effective tools to reinforce training and keep your staff focused on the reality of continual cyber threats.
9. Single Sign-On or Password Managers
Employees waste a lot of time searching for various passwords, and they don’t always store them in secure places. Single sign-on (SSO) is an authentication service in which an identity provider (IdP) allows one set of login credentials to be used to access multiple cloud-based applications. This helps address password and access management security concerns and increases workplace productivity.
Bonus: Defining and Enforcing Security Policies
Have you written down, shared, and communicated clear and thorough security policies to your staff? The burden is on you to make sure they understand what is expected. Clear and well-defined security policies provide accountability for everyone within an organization. Every company needs a UAP (user acceptance policy) that addresses Wi-Fi, mobile devices, and all other areas related to IT security.