By Greg Townley – A feature piece from our Fall 2024 issue of the Lancaster Thriving Publication!
As IT security standards tighten and more industries require compliance with specific frameworks like NIST or CIS, it’s essential to go beyond basic security for your business. Standard safeguards like a hardware firewall with Unified Threat Management (UTM) and spam filtering remain critical, however there are additional protections your company must consider:
Endpoint Detection and Response (EDR)/Managed Detection and Response (MDR) – These endpoint security technologies monitor your network and Microsoft 365 accounts for threats, providing immediate remediation. They learn the way users operate and if an action out of the norm is sensed, they can isolate compromised machines or accounts. This greatly helps to prevent any further damage.
Multifactor Authentication (MFA) – A complex, 37-character password is excellent, but how do you protect yourself if someone gets hold of it? Passwords are easier to acquire than you might think, through avenues like phishing or a vendor breach. Adding extra layers of security, such as a fingerprint, facial scan, and/or a prompt sent to your phone greatly enhances your account’s protection.
Password Manager – Everyone should be using unique passwords for each login but remembering them is nearly impossible. A password manager securely stores these passwords, making it easier to follow best practices and access accounts when needed.
Zero Trust Endpoint Protection – The days of relying on software updates to protect against newly discovered exploits are over. Implementing zero trust protection assures that new actions are denied by default and only approved applications can run on your network, helping to assure that your data is secure.
Security Awareness Training – The end user is often the weakest link in security making them the focal point for bad actors. Regular training helps users become more aware of their actions, strengthening your overall security defenses.
Backup Solution with Cloud Syncing – If all else fails, it is crucial you have a reliable backup in place. Ideally, this includes a “warm” backup server, that syncs to the cloud, and can be quickly powered on to minimize downtime if any on-premise production server fails.
Partnering with a Managed Service Provider (MSP) to deploy these solutions is an effective strategy, regardless of whether your company has an in-house IT team. MSPs can bundle the deployment, monitoring, and management of these protections in a monthly plan with a fixed fee, making it easier to budget for your technology needs. Additional benefits of teaming up with an MSP include:
- Assistance with software or hardware deployments.
- Monitoring and managing backups, including regular test restores with proof of success.
- Troubleshooting and resolving complex issues.
- Expert services at a fraction of the cost of hiring full-time staff
When selecting an IT partner, remember that you’re trusting them with the entirety of your business—a significant responsibility. Research potential providers thoroughly by seeking recommendations, speaking with their current clients, and ensuring your values align. Don’t forget to inquire about how they can strengthen your security posture to give you peace of mind.
By Greg Townley
Director of Service , TCW-GAV
gtownley@tcw-gav.com
Contact Mike at
mike.miller@appalachiatech.com
not secure