10 Essential Online Security Measures to Implement Today

Have you fully protected your business from online threats? Cyber-attacks and data breaches have become more and more frequent in the past years, and no business, not even the smallest, is safe from hackers. That’s why it’s essential that you’ve put the shields in place to protect your business’s network from hacker. All it takes is for one virus, spyware, or hacker to slip past your defenses and you can lose everything you’ve built up. Here are ten of the most essential online security measures you need to have in place to prevent this from happening.

1. Use two-factor authentication

This type of authentication makes use of two different methods of verifying a user’s identity and should always be used when accessing customer accounts or transaction details. You will have to log into the system using your username and password, of course, but then you will be asked for additional information. This could be a code you receive through an app or text message, for example. It makes it much more difficult for a hacker to get into an employee’s account and access sensitive information.

2. Use Strong Passwords

If employees have been taught to create and use strong passwords, your network security will be that much stronger. These passwords need to be at least eight characters long and need to have a mixture of upper and lower case letters plus numbers and special characters. You also need to make sure that your employees know not to use things like their names, birthdates, spouse’s name, or any other information that someone could easily guess. They also need to avoid common words or strings of characters that are quick and easy to type and to avoid writing down the password and leaving it under their keyboard or in any other easily accessible location. Employees should change their password every 90 days.

3. Use Cloud Encryption

If you are using the cloud to store any of your data, you need to make certain that you have encryption enabled. Many hackers target cloud storage, and many succeed in stealing data saved there. While it is very convenient to be able to access your data from any location, it’s absolutely vital that you protect it while doing so. Many businesses use what is called zero knowledge encryption that allows files to be stored and shared on any cloud server with very little risk. It does, however, require all devices to have cloud encryption enabled, including mobile devices.

4. Use a Strong Firewall

Make certain you have a strong firewall in place to protect your network. The firewall will allow you to control what traffic comes into and out of your network. It will alert you if someone is trying to break into your system without you knowing it or help you track down viruses being sent out of your system.

5. Do Not Allow Users to Bring Jailbroken Devices to the Office

Jailbroken devices may seem harmless, but they actually lack some of the strong security that non-jailbroken devices have to protect them against apps filled with spyware and other malicious software. These apps can introduce a number of security issues to your network, so it’s simply better to let your employees know that no jailbroken tablets or smartphones are allowed on the company network.

6. Have Ad-blocker Installed

Ad-blockers will help prevent ads and other malicious trackers that slip past your anti-virus scanner because they aren’t technically being downloaded to your system. However, they can still cause a lot of problems, so it’s best to shut down these hidden trackers before they do anything. Ad-blocking programs can stop these ads from being displayed at all, blocking all the scripts associated with them.

You may also want to install a program that blocks Adobe Flash automatically but gives you the option to enable it on a case-by-case basis if you still need to access webpage elements that run on Flash. However, because it has a number of different security issues, many people have completely blocked Flash from running.

7. Use Network Intrusion Prevention and Detection Software

A network intrusion prevention and detection system such as Snort can help you determine when someone has infiltrated your network. This software will identify any unauthorized access by hackers and other infiltrators, but it will also watch what your authorized users are doing on the network. If someone starts repeatedly trying to access files or folders that they should not be, it will flag the account as possibly being hacked. This will show you what accounts may have been breached or which users may be trying to do things they shouldn’t be.

8. Update your Software

While it can be a pain to have to wait for software to download and install updates and then restart, it’s very important to do these updates as soon as they become available. These patches and updates are created to deal with security issues and other problems that the software programmers did not catch before releasing the program. In some cases, these patches fix backdoors that hackers have found and are actively taking advantage of. By closing these backdoors, you’re protecting your system from a very real threat.

9. Secure your Mobile Devices

If you have people using laptops, tablets, and other mobile devices, make certain that all data these devices have is encrypted and locked down. These devices are much easier to lose or have stolen than desktop computers, so they need extra layers of security, especially if they are used to collect sensitive information. The hard drives should be encrypted so that data can’t easily be pulled from them.

10. Monitor Your Network

Finally, make sure you’re not just looking at what’s coming into your network but also what’s going out of it. Sometimes, spyware and malware can get past your scanners, and when that happens, these malicious little programs are likely to start sending out information to others. If you don’t have any software watching for this, you may lose all of your protected data without even realizing it.

Join the CSO newsletter!

Error: Please check your email address.

Tags online securitytwo-factor authenticationcloud encryptionfirewallcloud securityad blockerpassword protectioncyber securityJailbrokenpassword strengthnetwork security

More about Intrusion

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Joy Mali

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts