Letter to Santa: wishing for a safe and secure business this Christmas

You’ve eaten the last lurking mince pie, turned off the lights and shut down the computers, but have you really prepared for Christmas?

Did you complete a backup of your systems?

Did you warn your staff to look out for the highly sophisticated phishing attempts that come at this time of year?

Christmas is a joyous time, a time when people feel happy, relaxed, they smile at others on public transport, share a drink at office parties. Let’s ensure we remain ‘joyous’ by taking a few extra steps to protect your businesses at this time of year.

Here are a few of the things to consider and how you can stay safe this Christmas:

Backups

If you shut down over Christmas or your office is going to be empty for a long period of time, you could be at risk of a break in, fire or some other form of criminal activity resulting in significant data loss. Data loss is most definitely a massive disruption to you and your business, in many cases it can be catastrophic! A robust backup system is the only solution to ensure you are up and running again quickly.

Assess what data needs to the backed up and how often. Do this by considering what the financial and operational impact of that data loss would be. How often it needs to be done will depend on how often your data changes and how critical it is.

You can back up using either physical devices such as USB thumb drives or external hard drives, or by using a cloud backup service. Whichever option you choose ensure the physical devices are disconnected and isolated from their associated networks, and secure them physically and digitally.

Lastly, always test your back up restoration process to make sure it doesn’t delay your ability to recover from an incident.

Phishing

Everyone wants to save money at Christmas, which makes people more susceptible to phishing attacks at this time of year, especially ones that make promises of high discounts, big savings and flash sales. And for those who are feeling more charitable at this time of year, the charity-related phishing emails will hit a chord. Then there are the fake invoicing ones that cry out for your urgent attention, demanding payment is needed before Christmas.

Your staff can be the weakest link for you at this time of year.

These are an inevitable part of our everyday life, so the most important thing is to make your staff are aware of what to look out for. Some basic tips; always check the source of the email, don’t click links you’re unsure about or download attachments and never ever share sensitive information. If you want to verify the details get the email or phone number from the official website and contact them on a separate thread.

Monitoring

Lower levels of user activity on the network over Christmas might provide you with your best chance of detecting any dubious activity from malware lurking, or unauthorised access using compromised credentials. Make sure you have logging enabled, and sufficient space to store the logs at this time to make the most of the opportunity. If on your return it appears there has been malicious activity, then the logs will be essential to getting to the bottom of it.