Protecting your business against malware

4 simple tactics to protect your business from malware attacks

For small businesses, malware is an unwelcome predator. The software itself comes in many shapes and sizes, but its end goal is always the same: to compromise your networks, servers and devices, and gain access to your business-critical data.

Here are four simple tactics you can use to protect your systems from malware.

#1: Install antivirus software

Antivirus software works by scanning your system for malware and quarantining or deleting any infected files. It’s your first line of defence in preventing a malware infection.

If you’re using a popular operating system like Microsoft Windows, then antivirus software is included for free. Remember to enable it across all your computers, laptops and office equipment. There are also many good-quality commercial antivirus products available, such as Norton and McAfee. These can be particularly useful for businesses with more complex IT systems.

Smartphones and tablets might require a separate configuration. The National Cyber Security website has straightforward guides for configuring the platforms that are commonly used in the UK today.

Antivirus software is only effective if it’s up to date, so once you’ve installed a program, make sure you keep it updated. Good antivirus software should update automatically, though you may need to manually trigger an update from time to time.

#2: Train your staff to avoid malware

Malware can only get onto your system if someone downloads it, clicks on a malicious link or opens an infected email attachment. That’s why it’s important to educate your employees about safe clicking and downloading habits.

Ensure you have a policy in place to help staff manage the threat. For example, you might establish the following rules:

  • Don’t download files or open email attachments from unknown or untrustworthy sources.
  • Be careful when clicking on links, even if they’re from a trusted source. Make sure the URL is correct before clicking.
  • Only download apps from approved stores.
  • Only use approved external storage devices, such as USB drives and cards, from within the organisation.
  • Forward any suspicious emails to IT or your outsourced security team.

Training programs are available from many sources, including the National Cyber Security website. You can also find helpful staff training guides online.

#3: Patch your applications

If you do one thing to reduce your cyber security risk, make it patching (or updating) your software, applications and operating systems so they’re running the latest versions from their developers. Programs that haven’t been updated are the number one route cybercriminals use to hack businesses.

Ideally, you’ll use automated updates to top up your security every day. Some companies have a “patch Tuesday” policy, where they manually check for and install all the latest security patches on the second Tuesday of every month.

Tip: At some point, your product will reach the end of its supported life and the developer will no longer release patches for that product. When this happens, you’ll need to replace it with a newer, supported version.

#4: Switch on your firewall

A firewall is a barrier between your network and external networks like the internet. Its role is to block incoming traffic from malicious sources, while still allowing legitimate traffic through. It can also block outgoing traffic to prevent sensitive data from leaving your network.

Most operating systems now include a basic firewall, so it’s just a case of turning it on. However, firewalls are not a one-size-fits-all solution. You may need additional firewall protection if you have a lot of users, you manage a lot of sensitive data, or you have a lot of remote and mobile employees.

External IT services like Point of Sale (POS) systems are a bit like opening a backdoor to malware. Make sure your POS system is behind a firewall, with its own separate credentials and password, to keep it safe from attack.
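A quick way to confirm tactics #1, #3 and #4 on a Windows PC, as an added example that is not part of the original article. It assumes the built-in Microsoft Defender antivirus and Windows Firewall are in use; the age limits (3 days for definitions, 35 days for patches) are illustrative assumptions, not figures from the article.

```powershell
# Added example: audit one Windows PC against tactics #1, #3 and #4.
# Run in an elevated PowerShell session. Thresholds below are assumptions.
$MaxSignatureAgeDays = 3    # assumed limit for antivirus definition age
$MaxPatchAgeDays     = 35   # assumed limit: roughly one monthly patch cycle

$findings = @()

# Tactic #1: antivirus enabled and definitions current
try {
    $av = Get-MpComputerStatus -ErrorAction Stop
    if (-not $av.AntivirusEnabled)          { $findings += 'Antivirus is disabled' }
    if (-not $av.RealTimeProtectionEnabled) { $findings += 'Real-time protection is off' }
    if ($av.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings += "Antivirus definitions are $($av.AntivirusSignatureAge) days old"
    }
} catch {
    # The Defender cmdlets can fail when a third-party product has replaced it
    $findings += 'Microsoft Defender status unavailable; check your antivirus product directly'
}

# Tactic #3: date of the most recent update that Get-HotFix reports
# (Get-HotFix does not list every update type, so treat this as a rough signal)
$lastPatch = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
if (-not $lastPatch) {
    $findings += 'No installed updates with a date were found'
} elseif (((Get-Date) - $lastPatch.InstalledOn).Days -gt $MaxPatchAgeDays) {
    $findings += "Last update ($($lastPatch.HotFixID)) was installed on " +
                 $lastPatch.InstalledOn.ToShortDateString()
}

# Tactic #4: firewall switched on for every profile (Domain, Private, Public)
Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' } | ForEach-Object {
    $findings += "Firewall is off for the $($_.Name) profile"
}

# Report: one warning per problem, or a single all-clear line
if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'Antivirus, patch level and firewall checks passed.'
}
```

Running it on each machine gives a simple list of what to fix before moving on to staff training.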

 

Summary

Antivirus software is your first line of defence against malware. Install it on all of your systems and keep it up to date. Humans are the weak link in your security, so educate your employees about security threats and have a policy in place to help them avoid malware. Patch your systems regularly and switch on your firewall for additional protection.

CNS IT provide managed IT solutions and support to small and medium sized organisations across North Wales, Cheshire and Wirral.

www.cns-it.co.uk