Insights

= Insights
Article | Risk Advisory Services

Implement These Tools to Protect Your Organization from Advanced Cybersecurity Threats

2023-03-29T08:51:16-05:00 Justin KrentzJustin Krentz

Cybersecurity Essentials: Part 3

All organizations need to protect their systems and data from cyber-attacks, which means that all organizations need to implement a cybersecurity program. Our monthly blog, “Cybersecurity Essentials,” details the elements of a comprehensive program to ensure you are accounting for privacy concerns, compliance issues, and the policies and procedures critical to maintaining a secure organization and a culture of cybersecurity.

In Part 1 of our series, we addressed privacy concerns as they extend to employee records, client or customer records and communications, and the use of mobile devices.

In part 2, we shifted our focus to a discussion of a security program, which includes training, policies, and other steps required to protect your organization’s sensitive data.

Here in part 3, we’ll introduce some tools—applications and solutions—you can implement to safeguard your organization from hackers.

Secure WiFi/wireless network: Take these steps to implement a WiFi solution with the security to protect your data and critical business systems:

  • Create a guest WiFi network to provide a conduit to the internet other than your production network.
  • Change the default administration password when you install the hardware, ensuring your IT staff has properly configured the device with credentials that adhere to company policy.
  • Make sure the wireless network is updated with the most recent firmware, that is, updated to protect against present-day threats.

    • Secure email gateway: Install a gateway online in the corporate path between the public internet and the corporate email. Email is the most common means hackers use to gain access to private company data. The gateway provides another layer in your security poster to inspect email for malicious content before it reaches your corporate systems.

    System auditing: On your firewall, ensure that logging is enabled and the information it collects is periodically reviewed by designated IT staff for indications of a network compromise or ongoing attach. Providers have added the capability for detailed analysis of what’s coming through. Implement a process where someone is actually looking at that data and addressing any anomalies or attacks.

    Endpoint detect and respond (EDR): As the sophistication of attacks has increased, the shortcomings of antivirus solutions have become more apparent. A modern replacement for antivirus software, EDR will continuously monitor and respond to advanced threats and is a critical piece of your security posture. EDR monitors the network 24/7, then uses business intelligence and analytics to recognize threats that historically don’t get caught by antivirus software.

    Security incident and event management (SIEM): The solution collects all security logs across all network devices, and provides the ability to correlate activity across multiple devices and perform analyses to search for malicious activity. A SIEM is a more in-depth tool for helping organizations detect, analyze, and respond to security threats that could harm operations.

    If you have questions or concerns, our Vertilocity team can evaluate your cybersecurity strategy and discuss your options with you. Call us at 412-220-5744, or email me at jkrentz@vertilocity.com.

    About the Author(s)

    Justin Krentz is a Principal with Vertilocity whose main responsibilities include account management, operations and new business development. His experience spans 14 years of selling managed services and comprehensive technology solutions to small and mid-sized businesses, with a primary focus on the healthcare sector. He has written several articles that have been printed in various healthcare societal publications and regularly speaks at medical societies on technology updates. Justin graduated from Ohio University with a B.S. in Marketing and received his MBA with a focus in Healthcare Management from Duquesne University.

    Vertilocity, an HBK company, was created in 2021 with the merger of Vertical Solutions with HBK IT. The resulting entity operates out of HBK offices in Pittsburgh and Clark, New Jersey, and remotely in and around Denver, Colorado. In addition to expanding its IT services to its broad base of business clients, the merger enhanced HBK’s technological offering to its more than 600 healthcare business and institutional clients.

    Hill, Barth & King LLC has prepared this material for informational purposes only. Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or under any state or local tax law or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. Please do not hesitate to contact us if you have any questions regarding the matter.

    RECOMMENDED ARTICLES