Education and technology insights powered by HP
Security

How to Build a Hack-Safe Infrastructure

March 16, 2018

How to Build a Hack-Safe Infrastructure

We know that the way we work has changed: it is mobile, it is digitally collaborative, and it is increasingly reliant on cloud-based systems. At the same time, digital risks have changed. Cyber attacks now increasingly target these new modes of work.  Security measures like firewalls and anti-virus software that protected old-style workplaces just won’t cut it today. 

When it’s time to plan your next IT upgrade: make sure that addressing today’s cyber threats form a core part of your strategy.

Software

From operating systems to network protocol, firewalls to anti-viruses, software decisions play a critical role in organisational security. But most users spend the majority of their time within an application to use word processors or spreadsheets, or a cloud-based SAAS (Software As A Service) system such as SAS, Xero, Salesforce, or Zendesk.

How do you secure your software? That depends.  Old-style, hard-disk based software needs old-style measures like an anti-virus software that’s regularly updated. This also includes regular software and OS upgrades to stay ahead of new attacks. But the vulnerabilities in a cloud-based system are different — there’s a lesser chance of a virus and more chance for a data breach. Here’s where you need solid protocols such as strong passwords, multi-factor authentication, and a solid anti-hacking protection. And for your network: install a software firewall on every device that connects.

Multi-factor Authentication

Multi-factor Authentication (MFA) promotes single-user security. MFA means you need more than just a password to get access to a system, you need a second, independent credential. The simplest MFA combines a password with an SMS sent to a pre-authorised mobile phone. This can be a hassle and because SMS can be received on various computers and programs, it has holes. Far more effective and difficult to compromise is biometric identification such as fingerprint, facial or iris identification. Biometric access is easy to use, which makes it far more likely that users will comply. It is also difficult to circumvent, adding another layer of complexity against cyber attacks.

Hardware

We’re in a new digital era, where The Internet of Things(IoT) is a reality — and that means that there are millions of devices that can potentially access your network. Your WiFi network should require the highest encryption protocol or WPA2. But what hardware has a trusted status on your network, and how can it be hijacked? It’s time to get suspicious: understand the vulnerabilities left open by each device that can gain access to your network — from printer to server rack, from modem to router, to your mobile device and every desktop and laptop that’s allowed to connect. And once you know where the weakest link is, shut that door and fast.

BIOS Level Protection

Anti-virus software is only as effective as the most recent batch of signature downloads. Biometric identity protects you against unauthorised access, but that’s no help when your user inadvertently downloads a malicious file.

Today’s most malevolent and destructive attackers use BIOS-level code, which once opened, infects the computer’s Basic Input/Output Operating System — a critical system component which loads before the operating system and before user authentication is required. The only protection against this level of attack is BIOS-level security which detects any change to the BIOS and restores it to default before an attack can proceed.

Win the race to protect your digital life from cyber-attacks – with the zero-compromise HP Elitebook x360 with Windows 10 Pro .

The IT security at your workplace may be at an all-time high – but mix it up with today’s digital threats and things may get a whole lot murkier. Check out the 2018 HP Australia Security Study which found that less than half of Australian SMEs have conducted an IT risk assessment in the last year.