Backups, segmentation, training, relentless monitoring necessary in cybercrime world
LOVELAND — Preparing staff so that they can avoid aiding and abetting hackers and ransomware thieves, along with implementing best IT practices, are important for manufacturers and other companies in an age when system breaches seem to make the headlines almost daily.
Three cybersecurity experts offered their tips at the annual NoCo Manufacturing Partnership trade show Thursday at the Ranch Events Center in east Lovland.
For one of them, whose company, Technical Framework LLC, works mainly with companies from 10 to 200 employees, said insider threats are most common for him. Al Harris, co-founder of the company, said employee threats fall into three categories: careless, compromised, and malicious.
SPONSORED CONTENT
Select your Republic Services residential cart now!
In preparation for Republic Services becoming the primary provider of residential recycling, yard trimmings, and trash, residents should now select the best cart size and service schedule for their household needs.
Careless staff members don’t pay attention to the security of their passwords or don’t watch for warning signs when they receive links and attachments. Compromised employees are those who might have been exposed to malware someplace, even off the job, and bring the problem to work. Malicious employees are those who are disgruntled or have fallen prey to hackers who might offer them a piece of the ransom if they help in the scheme.
Establishing logging systems to spot excess data downloads and other unusual activities, setting up access privileges and training are the solutions in most of these cases, Harris said.
“Security awareness training is critical. … It brings security to the top of mind. It fosters a defense culture within the company.”
Ben Allen, principal in Allen CIO LLC, an Arvada company that works with large companies, advised manufacturers to outsource services when possible, especially automated services. He said a typical in-house IT staff can’t keep up with all the cybersecurity developments, and having experts in the field can make a system more secure. The in-house IT personnel can then check to make sure that the work that has been contracted for actually happens.
Among the work that must be done are backing up data, patching and upgrading software, and segmenting data, the three panelists said.
“Prevention is ideal but recovery is a must,” said Harris. “The cost of standby systems compared to the cost of being down for a length of time is not comparable,” he said.
Allen quipped that most business owners have little understanding of what it takes to bring information back on line if a primary system is compromised. If you ask them how long it’s acceptable to be down, “the answer is always 15 minutes or one hour.”
Without the proper systems in place, restoring a backup can take days or weeks.
He also said lack of segmentation is a problem.
“Companies put all their data — HR, medical, production, financial — on the same servers. Get that data off that repository that isn’t segmented,” he said. Data for different functions needs to be stored in different locations so that one compromised server fails to take down the entire company.
He also prescribed “intense documentation” so that if one person is “hit by a Mack truck,” someone else can log into a system.
© 2021 BizWest Media LLC
