We work with many small and medium businesses implementing and supporting Cloud Server IT environments, business critical data and systems.
A Cloud Server environment is where our client utilises a virtual server/s hosted on a cloud platform like Microsoft Azure, (which is our recommended provider) instead of having their own server/s.
Often a hybrid approach is also utilised using components On-Premise and on Cloud Infrastructure. No matter the exact configuration, much of the focus and challenges faced by small to medium businesses revolves around IT security.
IT Security isn’t about being ‘un-hackable’, it’s about taking appropriate steps to reduce your risk and tip the odd’s in your favour.
Just like you know that locking your car door at night isn’t going to stop someone from stealing it, businesses need to provide a layered approach to IT Security.
A list of recommended basic steps for a business that is hosting it’s virtual servers on a cloud platform is listed below.
Please use this page as a checklist, to think about your organisation and how well prepared you are for the coming threats.
All SMB environments should have the following in place:
Everyone knows what an Anti-Virus program is, but you should have a corporate grade, centrally managed Anti-Virus solution that is monitored to unsure it is updated frequently. New Virus foot prints are detected every day, and the only way these can be captured is by ensuring that your AV is updating reliably.
Mail Protection / Filtering Software
An essential component as a layer of defence against cyber-attack. Your email passes through a complex scanning engine that looks for spam & malicious emails and filters them out before getting to you or your staff. This reduces the chances of Phishing attacks, Crypto viruses & Ransomware entering the organisation.
Web Protection controls which websites employees can access and scans web pages before they load. It looks for suspicious indicators so that they can block the websites in real time. This can greatly assist when staff accidentally click on links in fake emails, stopping viruses and loading fake websites that captures your password details.
Centralised Data Storage
Ensuring that all company data is stored in a central network location (either on your cloud server or in a cloud application like Microsoft One drive), and not on individual PC’s or Laptops.
Managed Online & Local Backups that are Monitored
A managed backup strategy that combines both an online backup to another cloud provider & also copied locally to another storage location on the same cloud provider.
As a unified solution both the Online backup and local one stay synchronised with each other. This provides for fast restoration of files from a local source as well as the option to restore from the other cloud platform. It also allows easier monitoring of backup statuses which should occur 3 times a week.
Network Security Policy
A Network Security Policy that encompasses the below points:
- Complex Password Policies – The longer and more complex a password, the longer it takes for cyber criminals to work them out. Cyber criminals have automated software that scan the internet for commonly known ports (a front door to your system) and then start systematically trying password combinations. Complex passwords can increase the time it takes to work out a password from a few hours to hundreds of days.
- App Locking – App Locking refers to configuring your servers and workstations so that applications cannot be installed without the right permissions. This is especially important in the case of crypto viruses that encrypt your files or install crypto mining software. By limiting the ability for software to install and run, these programs can be stopped from executing and causing data loss.
A VPN which stands for Virtual Private Network, is a technology used to add another layer of security when connecting your office to the cloud servers over the internet. It significantly increases security and reduces the chances of cyber criminals gaining access to your data. This is also used for staff who are connecting from home or while travelling.
Intelligent Router with strong VPN Capabilities
As mentioned above, when connecting your offices to the cloud servers, a VPN is used. Not all VPN technology is the same, and we recommend a certain type of VPN provided by specific routers.
Use of Office 365 for Email Hosting
Office 365 is Microsoft’s cloud email hosting and Office applications solution. It takes the hassle out of having to run your own mail server, and seamlessly integrates with your Outlook, Word & Excel. It provides a raft of security features and tools at an affordable price. Please review our Office 365 Security basics document to understand how Office 365 should be configured.
2 Factor Authentication on Office 365
While we cover 2 factor authentication in our Office 365 Guide here, it’s worth mentioning that 2 Factor authentication should be enabled on Office 365 email. Where passwords are compromised, this protects the users from having their email breached as it requires an additional code to also be entered to gain access.
Education & Testing
You are a security layer. By paying attention and being educated on the common security risks for SMB’s you can help protect your organisation against cyber crime. There are a number of security tests that can be run on a regular basis which we outline here in our recommended monitoring & maintenance plans.
IT Maintenance & Monitoring
Monitoring and Maintenance steps are critical to ensure that your environment has the latest updates, security features and basic checks in place. Read our recommended IT Maintenance and Monitoring steps here.