It’s a new year, which means a new array of personal and professional resolutions. In the age of technology, it’s a must that businesses incorporate cyber security into their resolutions. Businesses fail too often at properly securing their phones—VoIP and mobile—and their Internet services, which hackers across the world prey on.
Now that we’re firmly in 2022, we recommend that businesses stress the importance of securing their phones and Internet using the following steps to help secure your network and keep the attackers away.
Secure Mobile Phones
No matter if your business is small or large, if your employees use company-owned mobile phones or even “Bring Your Own Device” (BYOD), the nature of these devices can pose a serious security risk.
Here are some security measures to keep those devices safe:
- Encryption: Establish policies and enable settings across all mobile devices; this will encrypt data being stored and transferred on said devices.
- Password/MFA: It is critical that phone users utilize passwords and Multi-Factor Authentication (MFA) when accessing their home screen and applications. MFA can be a password plus pin and/or biometric (i.e., Face ID or thumb print). MFA offers a higher level of security in the event a password is compromised. A different unique password should be used for each application on a mobile device—including emails.
- Updates: Mobile devices like tablets and computers should be updated to the latest operating system and firmware as soon as they are released by the manufacture. These updates patch backdoor vulnerabilities that could potentially allow a hacker to gain access to the device and its data.
- User Training/Awareness: It is critical that organizations train their staff on mobile phone usage, especially if they are conducting business on these devices. Part of this training should include password/MFA, encryption, updating the phones, and not using personal social media and emails on them. If the latter is compromised, the entire device could be compromised.
Secure Your VoIP Phones
VoIP phones—just like mobile devices—must be secured. However, VoIP phones can pose a greater threat if compromised by a hacker, as they can be targeted for Denial of Services (DoS), phishing, war dialing, and call interception attacks.
To limit these attacks, consider taking the following steps:
- Deactivate Inactive Accounts: Deactivating/disabling inactive phone accounts will limit the opportunity for those accounts to be spoofed and used to harm your business.
- Review Call Logs: Call logs will reveal any abnormal call trends or behavior. Set up a regular review schedule, which will help you determine if malicious activity is happening on your VoIP infrastructure.
- Updates: Updates are an absolute must! These patches will help to counter against backdoor vulnerabilities that could potentially allow a hacker to gain access to the phone and data.
- STIR/SHAKEN: No, this isn’t about how James Bond likes his martinis. STIR/SHAKEN utilizes digital certifications based on public key cryptography techniques. This method limits robocalling and number spoofing, the latter being a major vulnerability with VoIP phones.
Secure Your Internet
Internet access is critical for any size organization to effectively conduct business. However, attackers’ prey on unsecure Internet connections to spoof and launch malicious attacks on a network.
Take the following steps to help ensure you don’t become a victim of hackers:
- Training: The biggest security risk to any company is untrained personnel. Companies should conduct cyber and social engineering awareness trainings to shore up employee understanding of risks. These trainings should focus on the current security trends, top vulnerabilities, and mitigation steps these individuals can take to help keep your business secure.
- VPN: All remote employees should be utilizing a Virtual Private Network (VPN) to connect to the company’s network. This secure connection adds an extra security layer when employees are connecting from home, cafes, hotels, and airports.
- Firewall: A firewall is a crucial component in securing your Internet connection. It can be utilized to block foreign traffic, stop peer-to-peer connections, and prevent employees from accessing inappropriate websites.
- Review Network Logs: Network traffic will illustrate whether an attacker is attempting to breach your infrastructure or not. Consistently reviewing network logs and traffic packets are great proactive measures to keeping your network secure.
Cyber Security as First Priority
Developing and implementing an efficient cyber security framework will ensure your business is safe from bad actors lurking around the Internet. To learn more, or begin shoring up your cyber security posture today, contact Netmaker by clicking here.