Spring Cleaning – Let’s Talk About Network Penetration Testing
Those of us that are brave enough to watch the news and stay up to date with current affairs will no doubt have noticed an increasing volume of cyberattacks on businesses.
With the recent Transnet attack and the subsequent knock-on effects (which we still haven’t seen the end of), we can’t help but wonder if our systems are safe.
This is where network penetration testing comes into play to assess how robust your security systems are. While Huge doesn’t offer this service, we are acutely aware of the importance of a regular spring clean to make sure that your business doesn’t become a statistic in the war against cybercrime.
We encourage you to take a minute to run through some quick tips on how to keep your systems safe in a world that wants to undermine your security.
What is Network Penetration Testing?
First things first. What is network penetration testing?
“Penetration testing is also commonly referred to as a pen test (or ethical hacking) and is a method used to perform security testing on a network system used by a business or other organisation. Pen tests involve a variety of methodologies designed to explore a network to identify potential vulnerabilities and test to ensure the vulnerabilities are real.” (Source)
Basically, you’re employing a company to poke holes in your system and see what happens. Actually, having a third party perform these tests isn’t a bad thing, as they aren’t aware of patches, bolt-ons, or any other company-specific fixes that may have happened over the years. All they care about is checking if there are any open doors that need to be closed.
However, that doesn’t remove the burden of responsibility from us and our teams.
Your Digital Spring Cleaning Plan
Fortunately, you don’t need any special skills to perform a digital spring clean on your systems. Here’s where to start.
Delete or Archive Old Information
A data breach on an internet-connected system is far more likely than from data on DVDs locked away off-site. However, many businesses leave data on their systems far longer than is necessary exposing hackers to a wide range of opportunities but receiving few benefits in return.
Consider moving sensitive information that you no longer need to access regularly offline. If you need to keep it for legal reasons then do so in a secure offline facility. Anything that you don’t need, get rid of.
This is the perfect time to run through your emails and delete or archive old messages, attachments, or to-do lists. A cluttered inbox is an easy way to lose information and forget important tasks.
Back it Up
Back up regularly and properly. You should back up often enough that you would not be concerned about lost data in the event that something goes wrong. If you’re responsible for ensuring that others backup, ensure that they know how important it is to do so. Make sure they are familiar with the technology that enables them to maintain backups easily and efficiently.
Check your systems and your backup schedule. Make sure that your drives are disconnected from the network once the backup is complete. Regularly check that your restore functions are working properly.
Update Software and Apps
If you’re relying on an outside company to manage your systems then you should be safe. If not, then check through your systems and apps to make sure that you have the current updates and security patches in place.
Why not take some time to set up a schedule to make sure that your systems are always running the current version with the latest updates?
While you’re about it, don’t be afraid to delete any apps or programs that you no longer use. Hackers can access your system on the back of previously authenticated programs, so be sure to uninstall or delete whatever you’re not using.
Educate Your Team
“According to a study by IBM, human error is the main cause of 95% of cyber security breaches. In other words, if human error was somehow eliminated entirely, 19 out of 20 cyber breaches may not have taken place at all!” (Source)
While your systems may be secure, it’s the human element that can open the door to a cyberattack. A regular education program with your team, alongside firm policies relating to online activities, will help to reduce actions that would allow a breach to take place.
Teaching your employees the risks involved in unintentionally downloading malware, opening infected attachments, or using weak passwords is well worth the time and effort.
Let’s Connect
The online space can be rife with danger, but it doesn’t have to be. A secure connection coupled with smart security systems and regular network penetration testing goes a long way to removing you as a potential target for opportunistic cybercriminals.