5 Key things to take away
- Software Updates
- Secure passwords
- 2 step authentication
- Password managers
- Backups
Secure Configuration
- Close accounts which are not used (email, login accounts)
- Remove software you don’t need
- Change all default admin passwords to a strong passwords (network switchers, routers etc)
- Disable auto run features (usb sticks etc)
Boundary Firewalls and Internet Gateways
- Needed on office devices
- Change default pass
- Prevent your network being exposed to the internet
- Authentication to access internal services from internet
Access Control
- Do ot work on admin account day to day
- Use strong admin pass
- Do you have a list of (and process for) people in your organisation with admin privileges?
- No users with same user and pass
Patch Management
- Correct licenses
- All software supported (No XP or server 2003)
- Set to update automatically
- Receiving security patches
Malware Protection
- Anti-virus on all computers – Yes, including Mac
- Set to update itself automatically
- Set to scan on access
- Warn you about malicious websites
Use a firewall to secure your Internet connection
- Protect your internet connection
- Creates a buffer zone
- Between your computers and the Internet
- Twı types of firewall – personal and boundary
- VPN is very secure on shared wifi connections
- If you have 2 factor authentication on anything, turn it on
Choose the most secure settings for your devices and software
- Default configuration can have everything on
- These settings can also provide cyber attackers with opportunities
- Check the settings of new software and devices
- Delete unused apps, remove irrelevant permissions
- Use passwords
- Consider using wipe iphone option after 10 wrong passwords (if you don’t have small kids at home)
Passwords
- Use password manager: Last pass – you can give people access for a few passwords without telling them the password
- One password, dashline, last pass
- Check if your password or email is compromised https://haveibeenpwned.com/
Control who has access to your data and services
- Minimise the potential damage that could be done if an account is misused or stolen
- Extra permissions should only be given to those who need them
- Check what privileges your accounts have
- Only use software from official sources
You can download the checklist from Cyber Essentials website
https://cyberessentials.org/downloads/index.html
Protect yourself from viruses and other malware
- Windows has defender, mac has Xprotect
- Make sure you use a web firewall as well
- Phones tablets laptops computers – keep them updated
- Both OS and installed apps or software
- Security updates needs to be installed within 14 days
Devices
- BYOD – Bring your own device
- MDM – Mobile device management (MDM) is an industry term for the administration of mobile devices, such as smartphones, tablet computers, laptops and desktop computers. MDM is usually implemented with the use of a third party product that has management features for particular vendors of mobile devices.
Cyber Attack Stats
- 54% of UK companies hit by cyber attack
- Avg cost of cyber attack 3-36k GBP
- 96% of companies not confident can protect themselves
- Most common attacks by fraudulent email, impersonation and ransonware
- 76% of UK adults don’t know what ransomware is
- Ransomware 58% of organisations hit paid ransom
Backup
- Backup is very important especially for ransomware
- https://www.backblaze.com/
- Check G suite drive backup options
5 Key things to take away
- Software Updates
- Secure passwords
- 2 step authentication
- Password managers
- Backups

I’m founder and director of The Digital Agency; a certified Google Partner and Shopify Partner digital marketing agency operating in London and Istanbul. The Digital Agency has a solid track record of delivering high growth in eCommerce, Facebook & Google advertising, social media communication, search engine optimization, eCommerce and website production through 16 years of experience with 140 brands in 500 projects. Visit The Digital Agency here