This week in National Cyber Security Awareness Month
we focus in on Critical Infrastructure and the Internet of Things. What does critical infrastructure mean to your business? What IT components are essential to keep your business operating? These questions need to be answered in order to formulate a plan to keep your critical infrastructure available after a disaster or failure. This week the goal is to make sure you have a plan in case a critical IT component fails and needs to be recovered. This type of plan is called a business continuity plan.
How to Build a Business Continuity Plan
Typically the IT department has various tasks and processes that are required to meet the business continuity plan’s overall objective. Backup tasks for the configuration of systems and data is a common process along with recovering the configuration and data to ensure during a real failure event you have a known good backup. Another common task is actually testing your configuration if there was a failure. Let’s say you have two internet connections; in this case the task would be to bring one of them down and make sure your business can still operate on the backup internet connection. While building your business continuity plan, you’ll discover systems and devices that are considered to be a single points of failure, and this will allow you to create a plan for the event if they fail as well. This is all part of Cyber Hygiene for your business; knowing if something goes wrong, how to handle it, and what you could do about it. With other areas of your business, you have insurance and fire escape routes in the office for everyone to follow. There are two things you need your plan to clearly define: the steps for recovering a type of failure and who is responsible for getting it done.
The Internet of Things
Wi-Fi connected devices typically are laptops, desktops, smartphones but as technology has advanced there are now toasters, TVs, thermostats, and fridges. You can even get complete home automation
! With this plethora of connected devices comes an inherent security risk of whatever you connect to your network, which has the ability to communicate with everything else that’s connected. You want to make informed decisions about the devices and companies that are given access to your network. Creating segments within your network and only allowing these devices to communicate to the internet, and not with other devices, is one way to mitigate this risk. The United States Computer Emergency Readiness Teams provides great tips
on their site to help the millions of new connected devices.
One Last Thing
Just a quick note. Yesterday, PCWorld posted an article titled YouTube served users malicious advertisements, Trend Micro says
. The article explains how malicious advertisements were served up to users watching ads on YouTube via their own ad delivery system. As attacks become more nefarious, it’s important to build your defense in layers. For example web application firewalls, web content filtering, and DNS filtering are a few methods that immediately come to mind.
Bit-Wizards cloud managed IT solutions keep your IT systems secure and available.