Will your business survive a Cyber Attack?

The way we work is changing, with more businesses adopting online-only models and remote working every day. However, while these new practices offer new opportunities, they also provide additional vectors for attack. Given that cybercrime is on the rise, and that almost 60% of cyberattacks target small businesses, this is a problem that we can no longer afford to ignore. Below, we’ll outline a few simple ways you can test your company’s vulnerability and improve its resilience to cyberattacks.

Remove unnecessary clutter

If you’ve had your computers for any length of time, they likely have applications installed that aren’t strictly necessary for work. Perhaps you have a few games installed or a couple of drivers for a device you no longer use?

The problem is that every single piece of software you install, whether it’s freeware or a well-known application, has its own dependencies and vulnerabilities. In other words, every unnecessary program you have is another potential weak point for an attacker to exploit.

The good news is that these days, most of the things you need for work can be accessed in a browser. For instance, you can create documents, listen to music, and send emails without needing any dedicated applications. Simply: the fewer programs you have, the less risk there is.

Harden your infrastructure

Now that you’ve closed as many doors as possible to a potential hacker, it’s time to block the remaining ways in. One of the most important things to do is install a Web Application Firewall (WAF) on your company servers. This prevents some of the most common threats outright, including Cross-Site Scripting and cookie poisoning attacks.

We also recommend using a company Virtual Private Network (VPN) whenever possible, as well as separate email encryption. The VPN not only prevents attackers from observing your employee’s internet traffic (which includes login credentials, contact lists, and internal communications), but it also nullifies most kinds of Man-in-the-Middle attacks.

Meanwhile, the email encryption stops spear-phishing attacks by guaranteeing that the person you’re talking to is who they claim to be.

Plan for the worst-case scenario

If something goes wrong, it’s vital that you’re able to find out what happened as quickly as possible. This is where proper monitoring procedure comes in. Your IT staff can use applications like NetCrunch or Spiceworks to find out all kinds of information about the network in real-time. For example, you could set up an automated alert letting your team know about multiple failed login attempts or new changes to user rights.

Further, it’s important to consider the risk of a breach when designing your systems. This sounds obvious, but even major companies neglect this (Sony infamously stored thousands of user passwords in plaintext). We cannot stress this enough: user details should always be salted, hashed, and encrypted to ensure that even if the data is stolen, it cannot be read.

Introduce an internet usage policy

It’s often easy to forget that not everyone is a computer expert. As such, it pays to implement a commonsense internet usage policy. This doesn’t have to be overly restrictive; generally, a simple web-filter, an ad-blocker, and limited application installation rights should protect you from most problems.

We’d also recommend creating disk images of your machine periodically so that you can just roll back to a fresh installation should a rogue piece of malware slip through.

Don’t neglect system maintenance

Unfortunately, even the best systems need regular maintenance. New software vulnerabilities are discovered on a daily basis and if these aren’t addressed, they can pose a major threat to your network’s security. Take Heartbleed, for instance: this server bug allowed hackers to view encrypted web traffic and five years later, there are still 200,000 vulnerable devices.

Passwords should also be changed every few months at least to prevent attackers or former employees from logging in with old credentials. A good rule of thumb is that a password should be at least eight characters long, with mixed-case letters, numbers, and punctuation.

Ideally, your system would reject dangerously simple passwords like “qwerty” and prevent staff from reverting to a previously-used password.

Simply put, business owners are caught in a game of cat-and-mouse with cybercriminals. The odds are in your favor, though, as attackers have to try increasingly hard to find cracks in your network’s defenses. In contrast, all you have to do is minimize risk, and the steps above are an excellent way to start.


Ian Garland is a tech writer, programmer, and author with a particular interest in
digital privacy.

Leave a Comment

Your email address will not be published. Required fields are marked *

Open chat
Need Help?
Powered by

Google Reviews

Web Entangled

Customer Reviews

Lizwe Dube 05/05/19

Google
Out of all the web design companies I sent a request for quote yesterday, you are the only one that got back to us. It goes without saying that we are gonna have to go with you.

Mcwill Masonda 01/04/17

Google
Great work ethic and professional. Highly recommended. Ask about search engine optimisation when you engage them. You wont be disappointed

Lawrence Charumbira 09/10/17

Google
5 star experience with Web Entangled.

Crosby Moruthane 12/28/18

Google
It has been an absolute pleasure visiting your website, very appealing!

Tariro Moyo 17/11/19

Google
Undoubtedly the best web designers in the country. Highly experienced. Offered a lot of advice on everything to do with our website. Doing business with Web Entangled is a learning experience. We are now comfortable with our online marketing

Wolfgang Müller 05/19/18

Google
Geweldige website. goed gewaardeerd. Zou niet om meer vragen. Dank je

Reg #Softridge Inc 04/06/17

Google
The highly skilled team at Web Entangled was not only professional but were perfectly priced, we definitely got the WOW factor we were looking for. I'd definitely recommend them to EVERYONE for an optimised & effectively executed website.

Shakina Hove 03/20/19

Google
Web entangled are undoubtedly one of the best web designers in Zimbabwe. They are creative, professional, friendly and highly experienced. I recommend them to anyone or any business that is serious about their digital marketing strategy. Contact them today and make your online presence an unforgettable experience for your target audience.