In previous articles, we looked at the six main pillars that are designed to limit or contain the impact of a potential cybersecurity event. Now we will highlight 10 practical systems, tools and practices that help to LOCK SHOP and protect devices, networks and critical assets against breaches or attacks.

1. Passwords

2. Multi-Factor Authentication

3. Antivirus/Anti-Malware

Software

4. Data Back-up Systems

5. Data Loss Prevention

Systems (DLP)

6. Mobile Device Management

Systems (MDM)

7. Firewalls & VPNs

8. Intrusion Detection/

Prevention Systems

9. Security Information and

Event Management (SIEM)

10. Ongoing User Security

Awareness and Training

Passwords

Users and organisations must employ and enforce strict password usage practices and policies. Password must be difficult to guess and must be changed regularly. These practices may seem initially onerous; however, there are tools available in password manager software to help users contend with the need for more complex passwords and procedures.

Multi-Factor Authentication (MFA)

In addition to passwords as the second layer of access control is strongly recommended. Multi-Factor Authentication (MFA) adds this second layer by requiring that another form of authentication be presented to gain access to systems or data. This second layer may take the form of an additional pin code or a randomly generated code from a third-party authenticator.

Antivirus/Anti-malware Software

The old faithful antivirus software still plays a critical role in protecting devices and data from attack. Over time antivirus software has become more sophisticated and comprehensive in its capabilities and offerings. It is important to stress that the best antivirus/anti-malware offerings are not free. Free offerings only offer essential protection that is not sufficient in today’s threat landscape.

Data Back-up Systems

Backing up data is one of the most critical practices individuals or businesses must use to ensure data safety. But it becomes more urgent given the upswing in ransomware attacks these days. In many instances, back-ups are the only protection organisations have against ransomware attacks. Investment in robust back-up platforms and well-documented and defined data retention policies will always prove to be a worthwhile investment.

Data Loss Prevention Systems (DLP)

Data loss prevention systems and tools are different from data back-up systems because they ensure that sensitive data is not lost, misused, or accessed by unauthorised users. DLP systems classify confidential and business-critical data, employ encryption technology to secure data, and ensure that an organisation is alerted whenever data that could put the organisation at risk is accidentally or maliciously shared.

We will look at the remaining five systems, tools, and practices in our next article.

Trevor Forrest is the founder and CEO of 876 Technology Solutions. Christopher Reckord is CEO of Managed IT services provider tTech Limited. Collectively, they have approximately 80 years of experience helping organisations of varying sizes procure and implement information technology solutions and transform digitally.