7 quick solutions to improve information security

According to a recent study by McAfee, the overall cost of cybercrime in 2017 exceeded $ 600 billion, with a 13% increase in the number of reported vulnerabilities, and annual costs increased by 23% to an average of 11 , $ 7 million.

The number of new variants of mobile malware has increased by 54% compared to 2016. Fraudulent mining of cryptocurrencies has increased by 8,500%. On average, Symantec reports for 2017 the blocking of 611,141 web attacks every day. Symantec experts report only 27.7 million blocked attacks in October 2017 alone.

Financial fraud, underground economy and illegal payments increased 1.8 times compared to 2014. Ransom requests for unlocking infested systems increased by 36% in 2017. Over 4,000 daily attacks have been reached.

7 quick fixes for vulnerabilities
You can apply the following 7 solutions to protect your business from unauthorized access, from incidents of negligence, lack of knowledge or lack of time for updating technical security measures. Depending on the complexity of the information systems and networks you use, most of the time these solutions will only be a first part of improving your data protection. Remember that the phenomenon of cyber crime is constantly changing.

#1. The first solution is a security audit of the systems and the IT environment in which they operate, to ascertain the reference level of the existing security measures and the degree of resistance to attacks. This analysis is essential and may include exposure assessment against security risks, penetration testing and vulnerability scanning. In the absence of such verification, any measures will be applied "blindly", their efficiency being drastically limited.

#2. The second solution is to update all software solutions installed and used on computer systems, using the latest packages, made available to users by authorized providers. At the same time, it is necessary to remove all unstable programs or from unverified sources. It is necessary to check how these applications communicate with each other, what information they access and transfer, especially to external systems.

#3. The third solution consists in updating the policies for the use of information systems and installing access protocols and controls, monitoring the activities of the systems, their communications and the changes that deviate from the accepted norms. The determination of a safe working environment depends essentially on the behavior of the users of these systems.

#4. Given the importance of user behavior in a safe environment, regardless of the technical measures applied, periodic training of staff is vital to reduce the risk of security incidents. The required training sessions cover at least the way in which the email communication platforms are used, accessing unknown links, opening files from unidentified sources or using in a secure way the information systems.

#5. Permanent monitoring of the activities carried out through the computer systems is essential, because it allows to reduce the reaction time in the face of potential security threats. Any unusual behavioral pattern, any suspicious activity, any attack can be detected and annihilated much more easily, when there are successive alerts and automated monitoring for current processes.

# 6. Properly configuring the security settings can ensure the activities are carried out in a protected environment. The time invested in customizing the settings, from the complexity of the user names and the uniqueness of the access passwords, to the activation of only the necessary services and executable files, will contribute to the protection of the servers, databases, used applications and the individual systems in function.

# 7. Creating backups for the necessary information allows the recovery to be done efficiently and completely, within a reasonable time, limiting any damage. In addition, it is necessary that these copies be best protected and isolated from the main flows of internal and external data traffic, so that their access and compromise may be difficult or even impossible.