Information technology is widely deployed in almost every industry these days. Business managers need to concern themselves with cybersecurity regardless of whether they’re running a major freight company or a small retailer. Rather than get worked up about the issue, check out these six simple ways to improve a company’s cyber safety outlook.
1. Always Install Updates On Time
The single easiest way to stay ahead of the game as far as cybersecurity is concerned is to make sure that all of your system software is updated. Bad actors are always on the lookout for known exploits, so simply running an update routine can improve things substantially. Online fraud costs more than $130 billion a year, so it pays to install these packages even if they seem like a nuisance.
2. Use a Modern Browser
Even those with a fully updated operating system could still be at risk of an exploit if they’re running an outdated browser on top of it. Major browser updates generally come in once a month, so it’s important to stay on top of these.
3. Switch Out Compromised Hashing Algorithms
When someone stores secure hashes of their customers’ passwords, they need to be protected with an algorithm that hasn’t been broken yet. Computed sums that adhere to RFC 1321 rules are no longer secure, and these should be replaced if they’re still actively attached to anything confidential.
4. Check Firewall Settings
Unless they’re running on a server, client-side firewalls should automatically reject most incoming requests and accept those that are outgoing. Only those that have to sort out proxy data getting fed to other users really need more complicated settings than these.Public-sector cybersecurity experts encourage people to be aware of this because firewall breaches are one of the easiest ways cyber criminals gain access to a network, data, or information..
5. Delete Old User Accounts
Chances are that an overwhelming majority of public-facing computers play host-to-user accounts that are no longer valid. Make sure that all login credentials that haven’t been used in a certain period of time automatically expire. It’s also a good idea to erase any credentials that belong to people who no longer work for a particular organization. Doing this will help reduce a system’s attack surface by denying potential attackers a way to get in.
6. Lock Down Container and File Privileges
Containers and files that encapsulate privileged information should be clearly marked. In general, nobody accepts their owners and the root user of the server they’re on should never be able to modify them. Some companies may want to consider using an immutable Unix distribution when deploying container objects to reduce the risk that someone could use these as an attack vector. Bad actors who seize control of a container are often able to use them to execute arbitrary code, which could theoretically do anything they want it to. Tech-savvy attackers could even create root-privileged accounts for themselves if every object attached to a directory tree isn’t properly locked.
