How to
Ryan Harnedy
Jun 2016

Raise Your Cybersecurity SPF


My Dad dispensed a lot of wisdom throughout my childhood, but the one piece of advice that, for me, still sticks out as the truest is, “There’s nothing worse than a sunburn on the first day of vacation.”

This piece of advice sticks out so strongly because he said it to me right after I got an absolutely awful sunburn on the first day of vacation. I made it a point to know exactly what I needed to do to keep from ever getting burned like that again.

I share this personally traumatizing event because, as someone who was new to cybersecurity, the parallels between sunscreen and cybersecurity helped me understand how you build a multi-layer security strategy. Just as your sunblock needs to be waterproof if you’re going swimming, or you need all-day sunscreen if you’re going to be spending the day outside, as an IT team you need to figure out what features your security strategy will need.

So before you lock the doors for the weekend and hit the beach for some vitamin D, take a look at how you’re keeping yourself from getting burned by cyber criminals, and see if there are any touch-ups you might need to make to keep from getting roasted by ransomware, malware, or phishing attacks.

Network Perimeter Protection

This is the spray-on lotion of cybersecurity: a strong base layer of protection that can cover a lot of computers with a wide net.

Perimeter protection is the first line of defense and is designed to keep attacks from penetrating any part of your network. Firewalls and web filters are the most common tools in this layer and provide robust, wide-reaching protection for your business.

Companies whose data is especially valuable to hackers, such as law firms, healthcare companies, and finance firms, would find this type of protection the most beneficial.

SPF: 15

Endpoint Protection

The wide reach of perimeter protection is great, but you also need that thick, heavy sunscreen to make sure that all of your little spots (elbows, knees, back of the neck) are also covered.

This type of stronger, more targeted security is your endpoint protection. Just as important as perimeter protection is the ability to make sure your individual machines are protected against cyberattacks.

Like perimeter security, endpoint protection is a good layer for everyone to have, but it’s most important for companies whose employees work remotely or travel frequently, and for any company that fears it might be the target of a ransomware attack.

SPF: 35


Network Monitoring

Have you ever been on the beach and, just when you think you’re done putting on your sunblock, noticed that a couple of spots are getting kinda red? Network monitoring is your IT version of those spot-checks on the beach.

Network monitoring is used to see if there are any anomalies in traffic, or any data requests that seem out of the ordinary.

This layer of security also lets you know if any of your users are in danger of getting burned. Before you apply it, however, you’ll want to make sure you have your perimeter and endpoints covered. Once they are, monitoring is a key way to make sure the protection you have in place is doing its job.

SPF: 10

Authorization/Access Control

Did you know that sunscreen can expire? I didn’t until I did research for this blog post, but it’s true. It takes a couple of years, but if your sunscreen goes bad the UV rays will just go right on through and burn you.

Similarly, if you don’t take steps to control who has access to your company’s data, you may find yourself with a great security strategy that isn’t preventing the wrong people from accessing your most critical information.

Authorization and access control (you need to have one to have the other) enable you to decide which people can access important information. This type of access limitation can prevent hackers and phishers who have gained access to your network from stealing additional, more critical information, because the person they are impersonating on your network doesn’t have authorization to access that data.

Access controls are a critical addition to any security strategy, but are especially important for companies whose primary product is intellectual property, such as law firms, ad agencies, and biotechnology companies.

SPF: 15

Auditing

Auditing is the IT security equivalent of getting ready for the beach and asking your friend to check your beach bag and make sure you have everything. It can be embarrassing to realize you forgot your towel, but isn’t it better for a friend to tell you than to get to the beach and end up sitting on the sand?

A security auditor’s main job is to poke holes in your security strategy and help you figure out ways to plug them. Some companies prefer to do an internal audit, but it’s strongly recommended that if you’re going to do an audit, you hire a professional security auditor to perform it.

Auditing is critical for companies with large and complex infrastructures because the complicated nature of their security means that there can be more vulnerabilities that are harder to see. For smaller companies, however, it would probably be better to invest in better endpoint and perimeter protection and put off auditing until it’s more necessary.

SPF: 10

Incident Response

There is a basic truth that applies both to sunscreen and cybersecurity: you should take every precaution to protect yourself, but there’s no guarantee you won’t get burned. If you stay out in the sun too long and don’t reapply your sunscreen, sooner or later you’ll get burned. Similarly, even if you install every security product, train every user perfectly, and install every update, there is always a chance you may still get hit with a cyber attack.

The aloe to this cyber-burn is incident response. A process rather than a product, incident response is the plan you use to analyze, address, and recover from a cyber attack.

Conducted by a team of employees who specialize in IT and crisis management, incident response is used to help discover the cause of a breach, figure out ways to mitigate the damage, and decide how to address the issue with the public.

Much like aloe, incident response doesn’t have an SPF rating because it’s used to heal from damage rather than prevent it. However, if you have the bandwidth, it is worth taking the time to build out an incident response plan so that if you do get burned, you can limit the damage and learn how to better protect yourself.

Photo Credit James Douglas

Ryan Harnedy

Ryan writes about how to make cybersecurity make sense to end users and keep employees safe from ransomware, malware, and phishing attacks. He enjoys decoding buzzwords and sharing security tips that users might actually follow.
