Cappuccino Chat - Episode 12 - Layered Security

welcome back to another episode of cappuccino chat this time we're going to talk about layered security and why it's important to your business so go grab a good cup of coffee and let's chat you we're gonna talk about layered secure today and why it's important to your business first off the more layers of security we can do the better off your business will be again if we can stop that threat later or sooner on out on the internet or prior to getting to your business the better off for instance everyone gets spam email a lot of those spam emails also contain links to malicious websites downloads etc if we can stop those threats sooner rather than later the more protected you'll be so this philosophy is at our core if you haven't seen my book or read my book keys to the castle this is why we call it a castle so think of layered security like a castle you have the moat the drawbridge the towers with the archers etc we can relate all of that to different layers of security so again I mentioned cloud and spam protection we also have other cloud apps that we can use for protection along with backup in the cloud as we move further into the castle we have our firewall so the more threats we can block at our firewall the better off I e web filtering so we can stop users from being redirected or accidentally going to malicious websites we again can stop that threat due to the different layers if a threat still gets through that layer we have another layer to go before you become vulnerable to that threat so some other layers that we can add intrusion detection prevention again at the firewall level the web filtering like I mentioned then you have your antivirus and next-gen antivirus layers so basic AV is no longer good enough we need to add the new next-gen capabilities what do I mean by next-gen so with malware and ransomware everywhere now that's the new go-to thing for these threat actors to use is we can actually see how something comes into your environment what is clicked on or programs that are used and we can actually roll back that if something were to happen so if a malware or a ransomware starts to go down the path of encrypting your files we can see where it started in all the different areas in which it touched so that one comes to the recovery phase we know where we need to go we are also providing the persistent threat detection as a layer of next-gen protection on all the endpoints your servers your desktops your laptops what this is doing is protecting you from good programs being used for inappropriate purposes ie stealing your data watching you turning on your webcam turning on your microphone if you're on a laptop those types of things and just watching what you're doing grabbing screen captures so command exe you know the black screen that comes up from the old dos days that's not necessarily a bad program so none of your antivirus programs are going to detect that what is bad is if it's running for an absorbent amount of time on your machine there could be something going on that needs to be looked at that's where that persistent layer comes into play now again with all the endpoint protection and everything that's there at that point that's kind of our last line of defense because again the only way any of that stuff works is for the virus the mall where the ransomware to already be present inside your system in other words they breached the castle at that point so again we want to backtrack that all the way out what are some other layers that we can use one of the best layers you can do is end-user education so constant reminding users of how to spot malicious websites inappropriate links phishing emails with all the different stuff going on during the holidays in normal time of the year again just simple things like putting your mouse over the link to see what it really is going to and ensuring that it's not going somewhere that's inappropriate not opening emails from users you don't know who they are you definitely don't from those emails and attachments and even if you do get an email or an attachment from someone that you do know and you do do a lot of business with if it seems out of ordinary for them to be sending you whatever it is or the email isn't worded in such a way that sounds like that person that should be drawing attention to you and to your employees to think twice before opening that attachment or email I met with a prospect the other day we are having a conversation about layered security and what came up too is that we don't often think about is how do we protect our data from leaving the building maybe from an inside threat so maybe you have an inside salesforce paid on commission levels right so if you have your database of customers that you use you have you want to protect that data so that they can't easily maybe email it to themselves maybe copy it to a USB thumb drive and export that data update it to a cloud application so these are all different layers we can turn on security for if you don't need there's no business case within your business for Dropbox onedrive other sites like that where you can store cloud data then let's turn it off and block it so that those inside threats also can't get access to those some of the ransomware is even using places like Dropbox and onedrive to store data on it because they know it's typically being allowed and accessed so again they can write ransomware to first copy some important files so maybe they'll look for your QuickBooks files maybe they'll look for Word documents and Excel spreadsheets and they will actually send those out to a Dropbox account or a cloud account of some kind so that they can have those files and then they will ransom your system off by encrypting all the files but no one will ever look any farther to see what happened so that layered approach is very important when you're looking at the overall risks associated with your business cybersecurity there's not one product or one technology that's going to protect everything as soon as we come up with a layer protection they're finding out ways to get around that layer so again we want them to run into yet another layer one reason for this is unless you're a huge target the harder you make it on someone the less likely they are to spend time dealing with you so if you have multi-factor authentication if you have some of these next-gen products and they run into these blocks that you put in place they're gonna move on and that want to spend as much time they want to get in and get out without notice without with ease and get paid okay so any questions on layered security and why you need it definitely reach out you have the website address dub dub dub sound - networks comm and you can always email me at MD sure that's em D is H er at Southwest networks comm or just give the office a call seven six zero seven seven zero five two zero zero till next time enjoy that cup of coffee you