Securing Information
Strengthening Business

Protect Your Systems from Cyber Threat with 7 Basic Security Controls

“80% of cyber attacks could have been prevented by having basic security in place.” Paddy Keating, Ascentor

Today we have access to more information than ever before. With the huge resources of the Internet; a massive increase in cheap storage capacity; the phenomenal take up of Cloud computing and social media – new threats and vulnerabilities arise. Technical equipment and systems are designed to be function and feature rich, not necessarily secure. Windows PCs only had a built-in firewall recently!

For business systems this means an increase in information risks and frighteningly, a rise in security breaches. All is not lost however. Just doing the basics will help to protect you from many of the cyber-threats your information systems face today.

7 basic security controls to protect your business

Get the basics right with these seven controls and you’ll be a long way towards making your information systems more resilient.

1. Passwords – Have strong passwords, change them regularly and don’t reuse them, yes its annoying to have to remember them and can sometimes be counter productive if they are written on a sticky note under the keyboard or on the monitor but there are software tools that can help.

2. Patching – Most of us use Microsoft products for some aspect of our business work; Microsoft has been the target of choice for cyber criminals and hackers for many years and they have a good track record of responding to problems found in the their products, but Microsoft’s efforts come to naught if the user doesn’t update or ‘patch’ their systems. Patching is paramount in protecting your IT hardware and the information it stores from todays cyber criminals.

3. Anti-Malware – Install Anti Malware (Anti-Virus) and keep it up to date. In concert with patching anti-malware provides the best means of protecting against new types of attack.

4. Access – Restrict access to your valuable information to only those that need it. Do you really want to have the laptop that stores the details of the ‘next big thing’ being used by your kids?

5. Admin Rights – Remove ‘admin access’ from those that don’t need it. Microsoft has made good inroads with regards ‘built in security’ with their latest operating systems, so consider upgrading.

6. Firewall – Work behind a firewall that is switched on! Even the inbuilt windows firewall is better than doing nothing. If you work on a network you should consider a dedicated hardware firewall and a device to protect from the myriad of web based threats. There are unified security devices that combine multiple security functions into one device that companies can use to protect themselves to reduce cost.

7. Encryption – In the ever more mobile workplace encrypting the devices that hold your valuable data becomes essential. Regardless of what the data is stored on (laptop, smartphone, tablet, usb drive or even a humble CD) it’s the data that needs to be protected so if you can’t encrypt the device you really need to consider whether the risk of having the latest (cool) device is worth the risk of losing that valuable data.

Don’t forget, once you have your systems protected test them to make sure the controls have been implemented properly and make sure nothing has been forgotten.

Article by Paddy Keating ,Director of Ascentor and Information Risk Management consultant.

Related information:


For Further Information

If you have any questions about the topics we've covered, or would like to have a chat about any aspect of your own cyber security strategy, please get in touch with the team at Ascentor.

Please use the contact details below - also found on our Contact Us page.


Fields marked with an * are required
Share this:

You may also be interested in:

Building business resilience - through Information Security, Business Continuity and Disaster Recovery

How would you recover if something went drastically wrong with some, or all of your business operations? When we think of worst case scenarios,

Ascentor’s cyber security review of 2020

2020 wasn’t the first year where a virus emerged causing large scale disruption and opportunities for cybercrime. It was, however, the first time

Cyber security myths putting SMEs at risk

SMEs have long been a favourite hunting ground for cyber criminals. Big enough to be of interest in terms of data held and yet often small enough not