Our Top 6 Security Recommendations

Meet the security challenge with eyes wide open.

Here are our simple, practical tips to help keep your data safe and secure online.

Staying secure in the modern world

The recent hack of the Reserve Bank of New Zealand – Te Pūtea Matau (RBNZ) highlights that even central governments struggle with cyber security. Cyber crime is on the rise, and COVID-19 has provided a rich array of new opportunities for the criminal world. There are a number of things that you can do to mitigate some of the risks, and become a harder target. 

Here are our top six security recommendations that every individual and organisation should be adopting. 

  1. Always keep the system software updated. This is the software on your laptop, tablet and phone as well as any network equipment such as routers and modems. The breach at the RBNZ was due to outdated software on a network appliance that they had not maintained and patched. The bad agents used a flaw in the software to gain access. Had they kept this updated they may not have been breached. 
  2. Use Anti-virus software. And keep it updated. There are almost daily updates to most AV products to keep you safe and secure. No operating system is immune to virus attacks, and contrary to popular belief there are now more viruses and malware for MacOS than Windows. 
  3. Use disk encryption. Encrypting your hard drives and USB drives will render them useless if they are lost or stolen. The contents are unreadable if someone trys to access without first decrypting. Both Windows 10 Pro and MacOS have built-in support for drive encryption and it is a very simple process to turn on. We hope that the devices stolen from Capitol Hill in January were encrypted!
  4. Use MFA. Using multifactor authentication provides an additional layer of protection to your accounts. Most applications now support the use of MFA (sometimes called 2FA) and a mobile app. It is a simple yet effective way to add extra security to your applications as without it attackers cannot access a system, even with your username and password. TIP: DO NOT use SMS/Text as a secondary authentication method. It is easy for someone to spoof your mobile number and intercept a message. 
  5. Run Phishing simulations and training. The easiest way for someone to get into your systems is if they know your username and password. It is very easy for someone to craft an email purporting to be from a trusted persons or company, and tricking you into handing over your credentials. There are a number of tools available to run these simulations and to block phishing emails. 
  6. Use Data loss prevention policies. Both Office365 and G Suite have policies available with all subscriptions. The key is to really know your data; where it is, who should have access, and how sensitive it is. Then you can easily develop policies to prevent your data from leaving your environment without your knowledge. 

Talk to us today about how we can support you to secure your environment using these and other tools. 

Subscribe to our newsletter

Subscribe to Cyclone news to keep up to date with new technology, current trends and future thinking.

search articles
Aaron Overington
written by our very own

Aaron Overington

Aaron is an IT management veteran with over 20 years experience under his belt, but his passion for technology started even further back in the early days of desktop computing with the ZX Spectrum, the Amiga and the BBC Micro.

Aaron is a key part of the Cyclone team and works as one of our Technical Account Managers, we simply know him as a trusted advisor and a safe pair of hands. Aaron takes the time to understand the demands and needs of NZ businesses and schools before developing tailored solutions.

connect with aaron on linkedin