“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”

IT Operations Manager

Simon Darley

Trusted by industry leaders

Schedule your discovery call.

To begin, tell our experts about yourself

By continuing, you agree to our Terms & Privacy Policy

12 Tips for a Cyber Safe Christmas

In a nutshell:

Start the year strong – build a strong security culture

Want to avoid your business data being St.Nicked this Christmas?

As Christmas approaches, many of you will be winding down and preparing for the festivities – unfortunately, cyber criminals notoriously take advantage of the holiday season, coercing their way into our digital spaces and cashing in on the season of giving.

With this in mind, here are our cloud and security experts 12 top-tips, to ensure that your business and workforce, stay one step ahead of the hackers.

“Phishing emails advertising the latest ‘Christmas Deals’ or spoofing well known parcel delivery service providers are very common tactics used by malicious actors.

Never trust an email and always check the wording of carefully, and then check it again! Also remember to check the sender, was it really sent from Amazon…? By putting a bit of thought into how we respond to our digital correspondence we can avoid providing digital criminals with the information and access they are trying so hard to gain.”

“The biggest threat our clients face is phishing and social engineering: always check the sender’s address and any links included. Hovering over a link will show you where it’s taking you; if in any doubt don’t click it! The safer option is always to open a new browser and navigate to a specific website yourself without clicking any risky links.”

“Everyone knows that strong passwords are annoying to remember, however the dangers associated with being compromised far outweigh the pain it takes to remember! For example, an 8-character password takes roughly 5 hours to crack when it’s all in lowercase text. The key is to use a password which contains a minimum of 12 characters that include numbers, symbols, capital letters mixed with lower-case letters. To protect your employees that step further we also recommend MFA is enforced on all user accounts for that extra piece of mind!”

This tip comes from our Cyber Security Architect, Austen, which leads nicely on to…

4. Use a Password Manager

Generating, storing, managing and remembering multiple passwords can seem daunting, which is why our Director Tom’s, top-tip is to ensure that your companywide password policy includes utilising a password manager:

“Use a password management tool to ensure that each password for each service is different – their memory is better than yours! I’d recommend a service like LastPass which generates a uniquely strong password that you don’t need to remember.”

“Sadly passwords get stolen, leaked or disclosed to people who shouldn’t have them, almost no matter what safeguards you might use. So having a strategy to stay ahead of anyone who would try to use your accounts is key to success. Enabling Multi-Factor Authentication (aka MFA/2FA) on EVERYTHING can improve your online security immeasurably.

MFA will challenge anyone who uses your password to provide a secondary authentication factor such as a code, phone call or push notification in a mobile app. Even when a malicious actor has your password, without your second factor they still can’t breach your account in most cases.”

“When out and about enjoying your company Christmas meals, never connect to public wifi! You never know who is listening…”

This top tip comes from Lex our Information Security Manager. As tempting as it is to connect to these public hotspots and share a picture of your mulled wine, you leave yourself at risk from man-in-the-middle attacks, unencrypted networks and malware distribution…

This top tip comes from our Technical Director Alex, and no, he’s not talking about a Christmas Yule log…

“Ensure you employ someone to look at the alerts from anti-virus software and monitoring agents – it’s all well and good having managed devices, but without someone watching the logs you can’t react in time!”

8. Backup, and then backup again!

“Restoring and protecting your data go hand in hand. I would recommend running onsite and offsite backup simultaneously to protect against all eventualities, in addition to having a disaster recovery plan in place to ensure the fasted revival time. When a crucial system goes down, knowing what to do, who will do it and where the backup data is stored means your business will be up and running again in the fastest possible time.

‘Over 28,000 people fell victim to fraud during last year’s Christmas shopping period. To successfully fight against malicious actors this year, it is critical that businesses foster a cyber-security culture through education and security best practices. I’d recommend starting awareness training during employee onboarding and follow an official cyber security training plan.’

Ryan again suggests:

“This model essentially acts under the impression that all users and devices trying to access the network are threats. Make sure your network users use robust authentication measure, make sure you segment your network, and definitely adopt a least privileged access model.”

SIEM tools allow security analysts to investigate security alerts in real-time, which reduces the average time to identify and respond to breaches. IBM say the average time to respond to a breach in 2020 was 207 days – which is why a SIEM tool should be at the top of everyone’s Christmas list this year!”

“Work proactively, not reactively! Don’t wait until malicious actors find a network vulnerability to exploit and actively test your infrastructure and applications with a Penetration Test to uncover any weaknesses ahead of time.”

INSIGHTS

  • 12 Tips for a Cyber Safe Christmas

  • The importance of back up and DR

  • New Year, New Security-first Culture

  • Benefits of outsourcing your Managed SOC