PBT Cloud Security Recommendations (Serverless environment)
It is now more possible than ever for many small to medium businesses to run their entire technology infrastructure in the cloud.
With cloud-based applications like Office 365, SharePoint, and financial and ERP systems built for the cloud, maintaining on-premise servers is often no longer required.
As clients move toward the serverless environment, a hybrid approach is often used, combining both on-premise and cloud-based applications.
IT Security for companies utilising Cloud Technology should still be first and foremost. With the ever-increasing threat of Cyber attacks, simply moving your data and critical business applications to cloud-based apps doesn’t lessen the need for IT Security.
For small and medium businesses, it isn’t about being ‘un-hackable’.
It’s about taking appropriate steps to reduce your risk and tip the odds in your favour, while being cost-efficient about your approach.
Just as locking your car door at night isn’t going to stop a determined thief on its own, no single measure will stop every attack, so businesses need a layered approach to IT Security.
Below is a list of recommended steps for small and medium businesses utilising cloud applications. Please use this page as a checklist to think about your organisation and how well prepared you are for the coming threats.
All Small and Medium Businesses should have the following in place:
IT Maintenance & Monitoring
First & Foremost, we recommend Monitoring and Maintenance steps to ensure that your environment has the latest updates, security features and basic checks in place. Read our recommended IT Maintenance and Monitoring steps here.
Endpoint Protection & Response – (Replaces Traditional Anti-Virus)
Endpoint Detection & Response (EDR) software has replaced standard Antivirus solutions as the more advanced and secure solution for stopping Viruses and Malware on staff devices and servers.
EDR solutions provide more comprehensive network security than traditional managed antivirus solutions and have capabilities that many managed antivirus software programs can’t offer.
EDR doesn’t just use traditional virus signature updates like Anti-Virus, but also collects data on numerous activities across a device and monitors the activities executed on the device to identify and remediate threats.
It uses machine learning and artificial intelligence to track potential threats and act on your behalf to stop them, and can even roll devices back to their pre-attack state.
As an example, suppose an individual makes the mistake of downloading an attachment from a phishing email. In this case, the malicious document will attempt to take control of the device by launching a script so it can download ransomware. EDR will log and monitor this behaviour, quarantine the ransomware, and roll back the endpoint to a known safe state. It’s even possible to disconnect and isolate the infected device from the network, minimising the risk of other devices becoming infected.
Two Factor Authentication on Microsoft 365
While we cover two-factor authentication in our Office 365 Guide here, it’s worth mentioning that two-factor authentication should be enabled on Microsoft 365 logins. Where passwords are compromised, this protects users from having their email and other data breached, as an additional code must also be entered to gain access.
Two-factor authentication can help stop a common Email Breach attack, which is often used to get staff to unknowingly transfer money to incorrect bank details.
Two Factor Authentication on Other systems
Two Factor Authentication is now widely used to secure most systems. With more staff working from home and needing to access company systems remotely, organisations are using the protection that two-factor authentication provides.
Mail Protection / Filtering Software
Mail filtering is an essential layer of defence against cyber-attack. Your email passes through a complex scanning engine that looks for spam and malicious emails and filters them out before they reach you or your staff. This reduces the chances of Phishing attacks, Crypto viruses & Ransomware entering the organisation.
Web Protection controls which websites employees can access and scans web pages before they load. It looks for suspicious indicators so that it can block websites in real time. This can greatly assist when staff accidentally click on links in fake emails, stopping malware and preventing fake websites that capture your password details from loading.
Microsoft 365 Backup
As customers move their data to the cloud and leverage Microsoft’s services, it is important that a backup of this data is taken regularly to another location and can be easily restored.
Multiple backups per day can be taken of mailboxes (emails) and SharePoint/OneDrive (files). In the event of a staff member accidentally (or purposely) deleting files, they can be restored to the original location or to a new mailbox / SharePoint site.
Complex Password Policies
The longer and more complex a password, the longer it takes for cyber criminals to work it out. They use automated software that scans the internet for commonly known exploits (a front door to your system) and then starts systematically trying password combinations. Complex passwords can increase the time it takes to work out a password from a few hours to hundreds of days.
Password Management System
Organisations should store passwords in a secure, encrypted system that can be accessed by staff with authorisation. These systems are relatively inexpensive, and provide a key layer of protection.
Leaving staff to manage passwords individually often leads to passwords being stored in unencrypted files on a user’s desktop, in their Email Notes, or by various other methods.
Passwords should instead be stored in a safe and secure company-wide system with auditing enabled, so an organisation can see which staff have accessed a particular password.
All staff can have separate areas within the system to store their personal passwords, as well as passwords used across the organisation by multiple staff.
Education & Testing
You are a security layer. By paying attention and being educated on the common security risks for SMBs, you can help protect your organisation against cybercrime. There are a number of security tests that can be run on a regular basis, which we outline here in our recommended monitoring & maintenance plans.