In the wake of the ransom-ware attacks in the last couple weeks we updated our clients with some pointers on keeping their computers and their websites safer from such attacks.
So, here’s a few pointers on how to improve your cyber security for free.
Key points:
– Make sure you have anti-virus software and that it’s kept up to date
– Run regular virus scans on your system
– Keep your system software (Windows etc) up to date
– Make sure your website has security software and that it’s up to date.
Downloads from the video
AVG Anti-virus – FREE edition:
http://www.avg.com/ww-en/free-antivirus-download
Wordfence (security for WordPress) install and config:
http://www.wordpressownersclub.com/installing-and-configuring-wordfence-security-plugin/
TRANSCRIPT
Hi there. Today, we’re going to look at system security, simply because there’s been a lot of headlines lately, including the various hospitals in Britain’s National Health Service having been hacked and other businesses and websites having problems as well.
Now, I know that system security and cyber security isn’t really a website design issue. But it is certainly a business continuity issue and, if you get it badly wrong, you could be in a whole heap of trouble. But, thankfully, if you’ve not been hacked — and I’m assuming you haven’t and I’m hoping you haven’t — then, there’s a number of things you could and should do to make sure that it doesn’t even happen in the first place. I have a few useful points to share on how to improve your cyber security for free.
But I’d like to tell you a bit of a quick story if I may. Back in a former life, I was an IT manager for an accountancy firm. There was 100 people in this company, dozens and dozens of computers, and the whole system got infected because of one, simple email that looked genuine. It was a spoof — what’s called now a phishing email. This person clicked on it and it infected the entire network. It took me and my deputy something along the lines of 12 hours to get the whole system clean again to the point where we could carry on working.
Now, from our point of view, if this has happened first thing in the morning at the beginning of the working day, it would have meant a whole day’s worth of lost productivity. Thankfully, it happened fairly late in the day, shortly after five o’clock, where large numbers of staff had gone home. But my deputy and I, we worked overnight to get this thing fixed. It wasn’t funny. It’s one of those things where, thankfully, we had a fairly good antivirus system installed that was up-to-date and all the computers were up-to-date. So it really was just a case of tidying up all of these infected files that had been downloaded.
Now, you could argue that we were lucky. We’ve got a good system in place. The files did not corrupt any of the data. We did not lose any of the data. And we didn’t lose any business. There was no downtime, for the most part, for the business. But, of course, others aren’t so lucky. One of my clients has had a virus on her computer and she’s lost a whole heap of work going back for quite some time. Then, of course, there’s the headline cases where people like Sony a couple of years ago getting hacked and all their data being stolen. Now, in this last week, the National Health Service and computers all around the world having the ransomware installed and, of course, they are genuinely being held to ransom to get rid of it.
Do you have anti-virus software?
So that’s all well and good, but what you can do about it? Well, first things first, have you got antivirus software installed on your computer? And if you have, is it up-to-date? This may seem almost like a no-brainer, but it’s surprising how many people overlook this. Or, they have an antivirus software and just trust that it works, but don’t actually check to see if it’s up-to-date on a periodic basis.
Now, I’m not saying you have to look at it every day, but when was the last time you bothered checking to make sure your antivirus software was up-to-date? Hopefully, more recently lately because of the news. But have you looked at it? Have you even got an antivirus software, not just on your computers, but on your service? So I would suggest that you get antivirus and sort it out.
We here have used AVG for years. It’s a best-of-breed software. It’s very, very good. We’ve never had a problem with AVG. We’ve never had a problem with viruses or having been hacked.
Do you backup your data regularly?
How to improve your cyber security for free
So, also, do you backup your data? Now, it may seem daft; but surprisingly few small businesses actually backup their data, put it somewhere offsite where it can’t be accessed if your computer is hacked. It’s quite frightening the number of people who run the risk of losing just about everything and for good because you don’t backup. Backup software is so easy these days. You can backup systems, backup hard drives, you’ve got web/online backups. If you’ve got a decent broadband connection, you should be able to backup to the web and would really maybe just cost you a few pounds a month.
When was the last time you did a virus sweep (scan) on your system?
Also, when was the last time you actually ran a virus sweep on your system, on your computer, on your service, etc., if you run a business? You should be doing this on a very, very regular basis. If you’ve got service, there should be a virus sweep pretty much every day or at least a couple of times a week. They can run overnight, so if you run a 9:00 to 5:00 business, there’s no disruption to anything, as well as the ongoing vigilance of scanning traffic for viruses. You should be running a virus sweep on a regular basis.
Does your website have security software installed?
Finally, what about websites? We’ve had to tackle a few hacked websites recently, not something we’ve done, but the client hasn’t updated their software. As much as we try and tell people to keep the software updated, some don’t. So, again, it’s one of those things where it costs us time, it costs them money because we bill them for it because they hadn’t updated their website. So make sure that you keep your website software updated. Make sure that your website has a security plugin or a security module. If you use WordPress, there’s a plugin called Wordfence. There’s a link to how to install it, again, below this video and how to configure it as well. So there’s no excuse for not keeping your software up-to-date. There’s no excuse for not keeping your computers up-to-date. And while we’re on the subject of computers, make sure that you’re downloading all of the Windows updates as they become available. Don’t wait. Almost all cyber security, almost all cyber threats rather, is as a result of vulnerabilities that come up when people don’t update their software.
Now, I know I’ve rambled on there. Cyber security is big, big business and the downside of it, it’s reactionary. It means that they’re constantly responding to threats rather than being proactive about potential threats. So only when the security companies see a threat, can they do something about it. But then that threat, that virus, that hacking hole in your system, is already out there, so the damage could already have been done. I don’t want to put a [inaudible] onto you. I mean they are incredibly good. Typically, within hours of a cyber threat being noticed, antivirus software companies will have updated their system and encourage you to update it as well — another great reason to keep your system up-to-date.
So I hope that’s been useful. Please don’t come and ask us about security for your computer. We’re not an IT company. We build websites. But we see this a lot. We don’t want your business to be disrupted any more than we want ours or the NHS. So please look after yourself, do your research and learn how to improve your cyber security. Keep your system updated and get some good software to protect yourselves and just take care.