4 Signs Your Business Is Vulnerable To Hacking – And How To Stop It!

With 39% of UK businesses experiencing cyber-attacks in the last 12 months, cybersecurity consultancy FoxTech offers their insights into four of their most common issues to help businesses become more aware of the issues they may be facing and what they need to do. must do. do about them.

1. You don’t know which devices your employees are working on

The UK government’s 2021 Cyber ​​Security Breachs Survey shows that organizations have found it more difficult to keep track of their endpoints since working from home has become a widespread practice. Many employees now conduct business on a number of devices on a daily basis, including office desktops, company laptops, personal computers and smartphones.

Why is having many devices a problem? Anthony Green, FoxTech CTO, discusses:

“It’s not a problem per se,” says Anthony, “but it becomes a problem because the current working model can leave business owners or IT managers not even knowing what devices are being used to access sensitive corporate data, or how securely it is. Issues such as running unsupported versions of Windows and not updating malware protection and firewall software increased significantly in 2021 compared to 2020, and the Cyber ​​Security Breachs Survey 2021 attributes the decline in good endpoint security measures to large and various device profiles.”

What must we do:

Minimize the amount of sensitive data stored on both business and personal devices by ensuring employees only have access to the data they need. Create a bring your own device (BYOD) policy. The National Cyber ​​Security Center (NCSC) has an excellent step-by-step guide to creating a BYOD policy

You have not kept track of your online wealth

“When we do our security analysis, we often find forgotten assets such as website domains and databases. Often these are exposed to the internet – completely unbeknownst to the company. Forgotten assets are an easy gateway for hackers – they can use them to jump into software, files and devices you are using in an attempt to steal your data.”

What must we do:

Companies that have lost track of their online assets can take one of FoxTech’s free CyberRisk Assessments. This immediately shows what assets you have and whether they have been exposed to the internet Remove/delete unused assets to ensure your online presence is limited to only what is necessary and manageable Invest in professional cybersecurity monitoring for existing assets to ensure any suspicious activity has been spotted

3. You have not set up a DMARC

Domain-based Message Authentication Reporting and Conformance (DMARC) is an email authentication, policy, and reporting protocol. In layman’s terms, it protects you from email spoofing (people sending emails on behalf of your domain), spam, and phishing.

“According to security software company Trend Micro, 91% of breaches start with a phishing email, so setting up DMARC is one of the best ways to prevent someone from successfully targeting your email database.”

What must we do:

Configure DMARC. The good news is that it is not expensive. Installing it yourself is free, and installing by a trusted third-party cybersecurity company costs little money

4. You delay installing software updates

Installing software updates is a quick and free way to strengthen the company’s system security. Software updates provide a number of benefits and revisions, including patching security flaws, removing bugs, and removing outdated features from your device.

What must we do:

Locate devices that are still running outdated software. Don’t rely on alerts alone. Not all devices provide adequate software update alerts, so it’s good practice to manually check for updates at least once a month. Educate employees about the importance of software updates and establish a company policy around regularly checking and installing updates on all your devices and software packages