Safeguard your business against cybersecurity threats and make the most of online opportunities!

The year 2021 has seen a major uptick in cyberattacks, and no business, small or global conglomerate, is immune to a cyberattack in this digital world. Besides, the financial, physical, and legal implications of an attack on any business can be devastating. Thus, business leaders need a robust cybersecurity policy to address critical risks. 

Four million files are stolen every day – that’s 44 every second.

Despite modern hackers’ increasing technological sophistication, it’s not all doom and gloom when it comes to defending your company from malware. As a custom software vendor that builds cybersecurity compliance software for enterprises across the industry spectrum, we can assure you that there are many technologies and practices you can and must use to prevent becoming the “next breach” headline.  

Only 5% of companies’ folders are protected adequately on average.

Organizations have begun to invest extensively in teaching and enlightening their staff to realize the cost of cyber dangers. Besides investing in various technology deployments to safeguard their hardware, software, and networks, enterprises have also boosted their attempts to raise the competencies of their employees via educational seminars and programs.  

 

Cyber security is one of the core focus areas for enterprises in today’s digital landscape. Investing in resources to effectively safeguard business and organizational data is the need of the hour.

​ – Uday Bhoomagoud   Director – Infrastructure Services, MOURI Tech

 

MOURI Tech – There When you Need Us

At MOURI Tech, we take IT Security seriously and our tech team puts in best efforts to keep up with the evolving cyber security trends and global threats landscape. We are proactively reaching out to our customers, recommending them to revisit their security posture. There is no silver bullet – no single solution that can address all security issues, but here are some proactive measures that our InfoSec team recommends for lowering your vulnerability and enhancing security posture.  

• Email Security / M365
  
  • Enforce MFA across the organization and deactivate legacy authentication
  • Improve your email credibility/security by implementing: DMARC/SPF & and DKIM
  • Review your secure score and implement “Improvement Actions” [https://securescore.microsoft.com/]
  • Raise the level of protection against malware and malicious attachments and files from [https://protection.office.com/]
    • Configure: Threat management, choose Policy à Anti-Malware/Safe Attachments
  • Create email rules to prevent ransomware [https://docs.microsoft.com/en-us/microsoft-365/business-video/prevent-ransom-in-email?view=o365-worldwide]
  • Restrict Auto-forwarding for email, Hackers who gain access to a user’s mailbox can exfiltrate mail by configuring the mailbox to automatically forward email.
  • Invest in an Email Gateway protection solution such as Mimecast\Proofpoint\Barracuda\Iron Port etc.

• Perimeter Security
  
  • Enforce MFA for organization wide VPN authentication / Disable inactive accounts
  • Firewall Security Audits, evaluate and restrict Open Ports
  • Conduct monthly Vulnerability assessment for all the Network devices
  • Conduct Web pen testing for public hosted applications/WAN IPs

• Server Infrastructure 
  
  • MFA enforced authentication for Windows Servers RDP connections
  • Do not use default RDP Ports for Servers (Ex: RDP Ports)/Restrict root logins into Linux
  • Keep up with security patching on Servers Infrastructure
  • Go for monthly vulnerability assessment on Servers
  • Implement Software Restriction Policies (SRP) and access rights management software
  • Enable event logging and monitoring focusing on activities such as brute-force attempts. Check excessive failed authentication attempts (Windows security event ID 4625, Event ID 1102)

• End-User Computing
  
  • Implement a robust End Point Security Solution and Bit Locker
  • Enforce stronger password policy, to be renewed once at least every 90 days
  • Enforce application whitelisting on all endpoint workstations
  • Implement Microsoft Defender Application Guard – Isolate enterprise-defined untrusted sites
  • Implement web content filtering
  • Ensure up-to-date patching on end-user computing devices as well as virus definitions

Human errors play a major role in most security breaches. Investing in an “engaging” security awareness training program with behavioral assessments goes a long way in improving an organization’s security posture. We also recommend investing in implementing Zero Trust Security Architecture as Insider Threats become more prevalent.  

Remember to subscribe for National Cyber Awareness System Alerts.