As you are all aware, the Notifiable Data Breaches Scheme commenced in Australia in February of this year. You as an entity are now obliged to report when a data breach is likely to result in serious harm to any individuals whose personal information is involved in the breach.
With the ongoing issues of data security and cybercrime, the European Union has just released its own data protection policy: the General Data Protection Regulation, also referred to as GDPR. This regulation ensures there is one set of data protection rules for all companies operating in the EU, wherever they are based. The most important aspect of these new laws is ensuring your own company data is protected and secure. With new threats emerging every day, not securing your network is more dangerous than ever, especially for companies. Verizon stated that 61 percent of breach victims in 2017 were businesses with under 1,000 employees.
With security and compliance an integral aspect of all companies, in recent months we have been contacting you by either email or phone to discuss your IT infrastructure. Please give these calls and security audit notices serious consideration. If you receive a ticket saying that our technicians are investigating excessive log-in attempts and requesting a security audit, please go ahead with it. With businesses falling victim to a ransomware attack every 14 seconds, there is no time to waste. We as your Managed Services Provider are doing our best to make sure your company is safe & secure against all threats; however, we need your cooperation to do so.
There’s no question that the situation with cybercrime is incredibly serious. It is not a matter of if you will get targeted, but when. Products and solutions that provided a foundation for a small business’s IT two years ago are often not adequate to offer full protection against current threats.
There is no single solution that will fully protect your business, and some businesses may not be able to implement all the recommendations to be fully compliant. Our aim is to provide the required information and recommendations necessary for the business owner to make an educated decision on security and business continuity.
Below are the top 10 minimum requirements for all businesses to consider for increased security:
- Enterprise-grade firewall with Advanced Threat Protection for on-premises data.
- Implementation of VPN for remote access into the business.
- Ensure on-premises data is backed up to dual destinations, including one off-site.
- Implement Advanced Threat Protection on all incoming emails to protect against malicious links.
- Migrate email to Office 365 where possible to reduce the risk of downtime.
- Ensure all server hardware is in warranty and all software assurance is maintained.
- Ensure Office 365 is backed up, including Mail Archiving.
- Understand the business continuity plan and time to recovery (virtualisation, live backups).
- Draft a Business Disaster Recovery Plan.
- Undertake regular network and security audits, including password changes.
We want to ensure your company IT infrastructure is as secure as possible. If you would like to discuss your security options further, please contact us sooner rather than later.
P: 1300 705 062