There's no silver bullet for security — it's just a matter of reducing the chances of bad stuff happening.  The ways you can get compromised on the internet have become more numerous and more sophisticated. Now, more than ever, it's important to follow the best practices to give yourself, your employees and your business the best chance of getting through life on the net safely.

Today we're giving a handful of top cyber-security tips to help businesses and individuals across KSA to avoid falling victims for cyber threats. Chances are, you've heard some of these tips before. But as recent news stories indicate, reminders about online security are always a good thing. Now let's get started:

1- Keep software and operating systems up-to-date

Software updates can address vulnerabilities to emerging threats, and staying updated is your best defense. When a security update to your operating system or software becomes available, make sure all your employees take the time and effort to download and install it without delay, so you all have the latest security patches. We also recommend that you turn on automatic updates so you don’t have to think about them, and make sure that your security software is set to run regular scans. 

2- Back up your data on a regular basis

Computer crashes, virus infections and hard drive failure often happen when’re least expecting them. For you to avoid data loss and survive any event that can lead to file corruptions, it is important to backup your data on a regular basis, and also make sure you have at least one full off-line backup of your data. If you're looking for a high-speed, secure and effective backup and disaster recovery solution, be sure to check out our Cloud PC backup and Cloud VM Backup solutions.

3- Use Complex Passwords

We know you’ve heard it before, but creating strong, unique passwords for all your critical accounts really is the best way to keep your personal and financial information safe. This is especially true in the era of widespread corporate hacks, where one database breach can reveal tens of thousands of user passwords. If you reuse your passwords, a hacker can take the leaked data from one attack and use it to login to your other accounts. Our best advice is: NEVER use the same password to access multiple accounts. This will make it easier for you to resolve any password compromise situation and have peace of mind knowing that the incident has no effect on the rest of your accounts.

4- Use Multi-factor Authentication (MFA)

When multiple pieces of information are required to verify your identity, illicit access to your account will become extremely difficult – if not impossible - for anyone who’s come to know your password. So, whenever Multi-factor Authentication (MFA) is available to any of your accounts, make sure you have it enabled so you’re always protected with one or two additional security layers. In case MFA is not part of your security plan, try using Microsoft 365 Business or  let Ctelecoms help you implement an effective MFA strategy to keep your accounts protected.

5- Beware public, unprotected networks

Now that your logins are safer, make sure that your connections are secure. When at home or work, you probably use a password-protected router that encrypts your data. But, when you’re on the road, you might be tempted to use free, public Wi-Fi. The problem with public Wi-Fi is that it is often unsecured. This means it’s relatively easy for a hacker to access your device or information. That’s why you should consider investing in a Virtual Private Network (VPN). A VPN is a piece of software that creates a secure connection over the internet, so you can safely connect from anywhere. Ctelecoms can setup a VPN access to your organization to help you keep your network protected and restrict RDP access from outside.

6- Beware Online Scams!

Now that you’ve put smart tech measures into place, make sure that you don’t invite danger with careless clicking. Many of today’s online threats are based on phishing or social engineering. This is when you are tricked into revealing personal or sensitive information for fraudulent purposes. Spam emails, phony “free” offers, click bait, online quizzes and more all use these tactics to entice you to click on dangerous links or give up your personal information. Always be wary of offers that sound too good to be true, or ask for too much information.

7. Share less personal information online

These days, there are a lot of opportunities to share our personal information online. In terms of social media, people will share just about anything. That may be scary, because it can still be searched online, and thus can be useful to support hackers’ phishing attempts. Just make sure you don’t share everything publicly, and be cautious about what you share, particularly when it comes to your identity information and the names of the people you trust most. This can potentially be used by hackers trying to phish you or guess your passwords and logins.

8. Protect Your Mobile Life

Our mobile devices can be just as vulnerable to online threats as our laptops. In fact, mobile devices face new risks, such as risky apps and dangerous links sent by text message. Be careful where you click, don’t respond to messages from strangers, and only download apps from official app stores after reading other users’ reviews first. More importantly, make sure that your security software is enabled on your mobile, just like your computers and other devices. If you're looking for a robust, cost-effective solution to protect and manage business data as well as mobile devices while enforcing policies across your organization, then Microsoft Enterprise Mobility + Security E3 is your best bet. 

9. Practice Safe Surfing & Shopping

When shopping online, or visiting websites for online banking or other sensitive transactions, always make sure that the site’s address starts with “https”, instead of just “http”, and has a padlock icon in the URL field. This indicates that the website is secure and uses encryption to scramble your data so it can’t be intercepted by others. Also, be on the lookout for websites that have misspellings or bad grammar in their addresses. They could be copycats of legitimate websites.

10- Use Microsoft ATP

In order to increase your security against malware, infected URLs, and other evolving threats, we recommend that you use Microsoft Office 365 Advanced Threat Protection (ATP). ATP is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real time

11- Stop Internet Access to your server and Keep your system up to date with WSUS

You don’t need internet access for all servers for windows updates. Let us help set up your WSUS and you manage the distribution of updates and patches for the Microsoft software products to the computers in your network. WSUS is a software application that analyses the current system to determine the required updates and help users to manage the downloads in a corporate environment. It enables the IT administrators of small to medium sized businesses (SMBs) to effectively manage the distribution of updates released to the computers in their network.

12- Lookout for the latest scams

Online threats are evolving all the time, so make sure you know what to look out for. Currently, “ransomware” is on the rise. This is when a hacker threatens to lock you out of all of your files unless you agree to pay a ransom. Stay on top of this and other threats by staying informed.

13- Take a number of important security precautions

• Restrict administrative rights by always changing local administrator password, and do not use same password for all computers.
• Limit or stop the use of Remote Desktop Protocol (RDP) from outside of the network, or enable Network Level Authentication to maintain effective serucity.
• Review firewall settings.
• Review policies for traffic between internal and the outside network (internet).
• Regularly train your staff to recognize and deal with phishing attacks.
• Sender names can be spoofed, so don’t be that person! Don’t click on or open files in email unless you know exactly what and who they are.
• DO NOT pay the ransom. The reason why the criminals keep utilizing this form of blackmailing attacks is that people keep paying.

Looking for robust security solutions for your business?

Ctelecoms provides an extensive range of on effective premises as well as cloud security and data backup solutions to help protect businesses and individuals in Saudi Arabia maintain a healthy, secure environment and never lose a single bit of their data.

From Microsoft 365, to Cisco Umbrella, to Enterprise Mobility + Security, Cloud Email Security, Meraki Cloud Managed Security, and more, we have you fully covered. Contact us today and let us see how and where we can be of assistance.