Cyber insurance providers have been hit hard by payouts connected to hacking events. These hacking events are increasingly sophisticated and persistent. Insurance providers are being forced to up the standards that they require before renewing cyber insurance or starting new coverage. This is putting an extra burden on companies to add to, and upgrade, their information technology infrastructure. However, the benefit goes beyond just coverage in that these security tools will help keep your data safer and prevent business interruption.
Trusted technology partner Interlink Cloud Advisors has helped thousands of businesses get their cybersecurity up to standard. To help you, they’ve created a list of the top 7 requirements they are seeing and why they’re a great idea:
1.Multifactor Authentication
As the name implies, multifactor authentication (MFA) involves setting up extra steps into the login process to help ensure the identity of the user. It can be as simple as requiring verification via text messaging after inputting your password, though the specific steps can be changed for your business and security needs.
Conditional access is a way to change how much verification is required to access specific parts of your systems, as well as specify when additional security should be required. Conditional access is a great way to secure your data while minimizing interruptions to your team’s work as they access files and accounts. For example, you may require MFA when someone is accessing a specific admin account remotely, but not if they’re accessing the same file when they are physically in your main office.
Since hackers now have databases harvested from previous hacking events across the web, passwords alone simply aren’t enough. If your team doesn’t have multifactor set up at all, we recommend making it a top priority; it’s an easy set up process, plus Per-User MFA is included with all Microsoft Office 365 Plans and is free to use.
2.Endpoint Detection and Response
Endpoint Detection and Response (EDR) is the next generation of antivirus. Think of it like Windows Defender (the free antivirus tool) on steroids. Microsoft Windows already comes with Windows Defender built in, but by adding in EDR with Microsoft Defender for Endpoint, you have a wealth of detection and response capabilities that are a powerful toolkit.
These tools include protection from new emerging threats, auto investigation and response, threat and vulnerability management, and can include access to assistance from Microsoft’s Threat Experts. Simply put, regular old antivirus isn’t enough protection anymore from the more sophisticated attacks that are being used today.
3.LAPS
Local Administrator Password Solutions (LAPS), the passwords that give full access to individual PCs have been a popular attack vector for hackers for years when many companies never changed the default or used passwords that were easy to remember. Hackers love these exploits, leveraging this access to make additional attacks across the network. LAPS is a cybersecurity must-have because it takes all local admin passwords, gets rid of the defaults, and automatically replaces them with extremely secure ones. Then, it continually shuffles those passwords, making it extremely difficult to crack your admin passwords, and even harder for a hacker to maintain control of the accounts in the event of a breach. These LAPS are rotated on a pre-determined schedule, using randomized characters and administrator-defined complexity requirements, making them secure and preventing a single account from being able to invoke irreparable damage if compromised. Not only is LAPS an effective security measure, but it’s relatively easy to push out. Plus, you can control who has access to various levels of admin privileges, so you can say goodbye to having various admin passwords out and about. Given how helpful it is and how quickly it can be set up (in many cases, it takes less than an hour) we can’t recommend it enough.
4.Encrypted Data and Data Backups
What if the worst-case scenario happens and you get hit with ransomware? Do you have data backed up and a plan to wipe and restart your internal systems? Not only is having these preparations in place a requirement for most cybersecurity insurance providers, but it’s a great idea to establish so if your system is compromised, you don’t have to face a doomsday scenario since you already have your data backed up off-network and can wipe your system and use your backups to get back up and running. (Not fun, but better than the alternative!)
Azure backup is a great solution because it’s built into the Microsoft system. Being stored in the Cloud allows for version history control and encryption protection. For Office 365 information, we recommend utilizing a third party who stores the data outside of the Microsoft Cloud – Metallic is a great choice with protection across the Office 365 and Azure Clouds.
Regardless, you want to have good company guidelines in place that ensure you and your team save your important data in secure, designated places, and you want to have a written disaster recovery plan. Your disaster recovery plan should designate who to contact, what your failsafe is connected to, and how to restore the files onto your system in the event of a breach. You need disaster recovery, and remember – you NEED to test your backups!
5.Privileged Access Management
Privileged access management is similar to privileged identity management, but built for on-premise. It functions similarly to multifactor authentication but for your system accounts/admin accounts. If an account gets compromised, privileged access management prevents damage by requiring users to prove they are who they say they are, with something such as an MFA prompt. It forms another layer of security to protect admin powers which can give all access rights across the environment.
6.Email Filter/Security
End users are the easiest access point and are where 70%+ of cybersecurity attacks originate from. It’s crucial to take measures to prevent any sort of compromising messages and emails from reaching end users to begin with. There are 2 main levels to this approach:
7.Regular Patching for Endpoints
Regularly patching your endpoints is an essential step for cybersecurity. If security holes are found in a system, or a zero-day alerts go out, having a system in place to update them regularly will ensure they get fixed. Typically, cyber insurance providers want to see some kind of process such that if a high-level patch goes out, there’s some understanding of how long it would take to get pushed out to your systems and how effectively you can get it out there. Since many endpoint patches are security-related, it’s important to make sure you have a plan in place to update your systems and devices.
In addition to getting your cybersecurity up to standard, Camargo Insurance recommends comprehensive cyber insurance provided by a top rated cyber insurance carrier. We offer instant quotes with comprehensive side by side coverage and pricing breakdowns from top rated carriers on our website. Most businesses under $50Mill in revenue can complete our entire application and get an instant quote with a side by side coverage and pricing breakdown in less than 3 minutes. Get started now!
How Interlink Can Help
Confused about how to answer the questions from your insurance carrier? Looking for ways to quickly improve your score? Wondering how to build your initial cybersecurity infrastructure or get your existing efforts to the next level? Interlink is a top Microsoft partner with extensive cybersecurity expertise. Interlink has seen customers impacted by hackers and has learned about their most likely entry points, their technical experts are constantly honing their skills through Microsoft certifications, and we can help you achieve your individual cybersecurity goals. Plus, they have experience building companies back from the ground up quickly after a security breach, so regardless of where you are in the implementation process, they’re ready to help. Contact Interlink today!