A client recently asked if we practice what we preach. This was in respect to the firewall, anti-virus, backup system, agent on our system, MFA and Microsoft Office 365. We let him know that we do. We use the solutions on our network that we recommend to our clients in Polk and Hillsborough County, Florida.
Let’s start with MFA. Multi-Factor Authentication helps us protect our identity and accounts. More organizations are using it for its security and ease-of-use. You’ve probably already used 2FA. For example, when you go to the ATM to deposit or withdraw money, you swipe your bank card and enter your personal ID number (PIN).
It’s much the same when you go online to your bank account. You sign in with your ID and enter a passcode, but there’s one more step. A one-time code is sent to you via text message on your mobile phone or in an email. Once you enter this code on the bank’s website, you can get into your account.
Decades of successful attacks against single-factor authentication methods, like login names and passwords, are driving a growing widescale movement to more secure, multi-factor authentication (MFA) solutions. Although MFA solutions have been available for decades, due to a variety of reasons, there is now an ongoing, wide scale, rapid adoption of MFA/2FA (two-factor authentication) in both corporate environments and by internet websites.
Attackers exploiting authentication often look for weaknesses in implementations along the entire process. They will look to see if there are gaps in the linkages between the identity, authentication, and authorization…and there often is.
This trend is exemplified by the fact that over the last few years, the most popular websites and services, including those owned by Google, Microsoft, Facebook, and Twitter, have offered 2FA solutions to their customers. Many internet sites and services now offer both traditional login name/password solutions and more secure 2FA options.
By using a second authentication factor (which usually is an SMS text message-based verification code), attackers who only capture usernames and passwords have little use for the details collected.
MFA is good but don’t over-rely your security assurance on it. It’s an excellent tool to increase security, but there is a huge difference between it improving security assurance and it being unhackable. Understanding the difference is crucial.
We only use the best firewalls. In a time when U.S. intelligence officials claim that cybersecurity now trumps terrorism as the No. 1 threat, businesses like ours and yours require the best protection possible. That’s why we’ve chosen the SonicWALL for us and all of our clients.
It has rapidly emerged as a leader in cybersecurity for organizations around the world. And, in our opinion, it’s the best firewall protection today. Why?…
The latest next-generation firewalls (NGFWs) like SonicWALL utilize deep packet inspection to scan the entire packet payload to provide advanced intrusion prevention, anti-malware, content filtering, and anti-spam.
Many applications are delivered over the Web sharing common ports and HTTP or HTTPS protocols. This effectively leaves traditional firewalls blind to these applications and unable to prioritize productive and secure versus unproductive and potentially insecure traffic. Next-generation firewalls like the one we use and recommend provide insight into the applications themselves.
In addition to blocking network threats to protect, manage and control application traffic, SonicWall:
SonicWall security services, running on the high-performance and ultra-low-latency architecture of SonicWall next-generation firewalls, are capable of blocking millions of known and unknown threats from entering the network before they become a danger to your organization.
SonicWall extends the threat prevention capabilities of the firewall by detecting and preventing unknown and zero-day attacks through a cloud-based, multi-engine sandboxing service (that isolates threats from your system).
We back up to the Cloud. We do this once an hour, and we set backups to occur automatically. And we make sure that our backup systems are encrypted.
Just like we do for our clients, we have a policy for our business that specifies what data is backed up, how often it’s backed up, where it’s stored and who has access to the backups. If a computer or server goes down, we know that we’ll always have access to our data.
Here are the reasons why we believe that storing your data in the Cloud is a much better alternative than storing data onsite.
And we ensure information is replicated in multiple data centers. Some cloud services only have one or two. We also make sure the Cloud provides geo-tracking capabilities, so we won’t worry about bandwidth, and so our backed up data will always be easily recoverable and accessible.
We use a good antivirus. You must use a good antivirus (not the one that came with your computer). A cloud-based antivirus is what we use and suggest. It might cost a few dollars a month, but it’s necessary to keep malware and other viruses off of our computers. A cloud-based antivirus relies on an online centralized database that’s always kept up-to-date with the latest virus definitions.
So when we scan one or more files using a cloud-based antivirus program, it’s checked against this online database of threat signatures. Even though we need an internet connection for the cloud-based antivirus software to work, it keeps a cached copy of the most common virus signatures on our computers so we can use it offline as well.
We use Microsoft Office 365 Business. As the most commonly recommended plan for businesses, Microsoft Office 365 Business includes everything we need including:
In The End…
Granted, not all of our clients tighten their security to the same standards that we do. We require Multi-Factor Authentication (MFA), redundancy in internet, firewalls, backups and more. Unfortunately, not all of our clients are willing to go through the extra step of MFA or pay for the additional redundancy. However,100% of our clients have the ability to be set up just like we set up our systems.
Want to learn what other solutions we practice what we preach? Visit our Blog.