Server, network and business equipment security cannot be solved with only an antivirus. Does it help to have it? Yes, but if it is not accompanied by a data protection and control policy, it is likely that a malicious program will bypass that barrier and generate great damage in the dealership.
According to the Cyber Security Ventures site, there is a ransomware attack on companies every 14 seconds… and by 2021, those attacks will happen every 11 seconds. The risk of suffering an attack is very high and also has very expensive consequences. These types of attacks encrypt the data of the computer or the server to which they enter and demand a payment to recover them.
In this article we suggest some good practices to apply to your IT infrastructure that will create barriers against these attacks.
Security Policy
If you don’t have one yet, it’s time to create it. An acceptable security policy tells employees what they can and cannot do with the company’s hardware and software and, above all, communicates the risks. For example, if employees connect personal equipment to the network, install software or misuse the hardware, there is a risk of infecting the entire network.
Password Policy
Whatever system users use, it is recommended that they have complex passwords (minimum length, numbers and special characters). Password should be changed frequently, and previous passwords shouldn’t be reused. Although it seems obvious, users should be reminded that it is not advisable to share passwords.
Corporate Antivirus
Unlike standard antivirus software, corporate versions will allow you to monitor and control all the equipment used. In addition, you can ensure that all computers are updated with the latest version of the antivirus which helps avoid security breaches.
Updated Software
It is key to keep all the company’s software updated, as developers continually send out security patches and solutions to bugs or potential threats.
Backup Strategy
To ensure the security of your business database, it is advisable to perform at least one daily backup on disk, and also in the cloud or on external equipment. This will not only protect you in case of unwanted access to your database, but it prepares you for any physical problem with your server. In addition, it is advisable to do monthly backup restoration tests to know that you can count on that backup when you need it.
Vulnerability Tests
It is recommended that your technicians perform vulnerability tests monthly with the aim of detecting gaps and weaknesses; this helps prevent problems with malicious connections, hackers or harmful software.
Physical Security
It is advisable to restrict access to the company’s servers. Keep them in safe and inaccessible places where only qualified technicians can access them.
Private Networks
Virtual private networks (VPNs) are a way to ensure a secure connection with computers that work from outside the dealership. Two branches of a company can connect via VPN in a secure and controlled way.
Analyze and Filter Suspicious Emails
Use an email server that excludes emails that may be malicious. More importantly, remind your employees that they should not open emails from accounts they do not recognize, nor download attachments or executables.
This set of security practices is recommended to guarantee the security of the data and the servers at the dealership, so that in case of any problem you have a backup to return to work normally in a few hours.