Hub One, provider of information and communication technology services in professional environments, presents its 10 tips for improving cybersecurity inside companies. Through its initial recommendations, Hub One advises and supports businesses in defining and deploying information system protection measures.
- Not restricting cybersecurity purely to technical measures
Cybersecurity is still today frequently associated with exclusively technical measures (filtering, web, antivirus, etc.). An efficient cybersecurity strategy must also be based on organisational and human measures.
- Defining objectives
A security approach needs to be founded on a clear strategy, with the long-term involvement of top management, and taking account of the stakes, the data, the processes and the regulations.
- Establishing a diagnostic
To embark on a security approach, you need to begin with a legacy audit to identify the risks and prepare for them.
- Investing in your employees
The first line of defence remains your employees. It is vital to sensitise them to cyber risk and train them in passing on information.
- Facilitating the adoption of strong passwords
This is a priority for ensuring the security of the information system, and there are simple tools for facilitating password management.
- Managing flows
Protecting the information system includes controlling the physical and data flows: managing and controlling each movement needs to become a golden rule.
- Managing connections to the information system
Defining and communicating the rules of best practice for accessing the information system is the step making it possible to control the numerous entry gateways: USB port, Wi-Fi network connection, etc.
- Partitioning off networks to contain threats
Segmenting the networks will enable attacks to be confined and the damage to be limited, by avoiding any propagation.
- Supervising security
The cyber security policy must be founded on the principle of vigilance: detecting abnormal behaviours, surveilling administration accounts, monitoring network connections, etc.
- Regularly overhauling cybersecurity
In issues of cyber security, things are changing permanently and very quickly, and so you need to regularly test and adapt security accordingly.