Budget-Friendly Tips for Boosting Cybersecurity

As cybersecurity breaches grow more frequent, sophisticated, and costly, companies around the world continue to invest more in preventive and detective measures. Worldwide cybersecurity budgets have increased by 141 percent since 2010, with spending on products and services expected to exceed $130 billion in 2020.

However, some of the very best security practices you can implement cost little to nothing. Here are three measures that will improve security without making much of a dent in your security budget:

1. Increase Security Awareness

Many cyber breaches are inadvertently caused by internal users. Roughly one-third of all cyberattacks involving phishing, according to Verizon’s 2019 Data Breach Investigations report, and they continue to trend upward. Microsoft claims phishing attacks have risen by 250 percent in the past year. While phishing techniques are well understood, people continue to fall for these scams and open malicious emails and attachments.

Teach your staff some of the telltale signs of a phishing scam. No matter how official an email might look, spelling, grammar, logic and syntax errors should raise red flags. Also, everyone should understand how to identify the true source of a link or email — simply hover your mouse pointer over the link or the address to reveal the true source.

Consistent training and education programs reinforce the need for employee diligence. Company intranets or self-service portals are great platforms for conducting instructor-led classes, webinars and video training sessions.

2. Get Serious about Passwords

Traditional password practices are broken. One study found that the average business user has nearly 200 unique passwords — a number that strains the limits of human memory and encourages a range of risky password practices. It’s no wonder that more than three-quarters of all confirmed data breaches involve weak, default or stolen passwords.

Encourage employees to create strong passwords that can’t easily be guessed, using long combinations of words, numbers, symbols, and both upper- and lower-case letters. Users should also change passwords every few months and avoid using the same password for multiple sites or services. Enhancing your default password policy is free to perform on all directory services such as Microsoft Active Directory.

Even better, consider using a passwordless technology or a password manager that allows users to create and store unique passwords for all their accounts. Passwordless technology is the newest in authentication approaches and is being adopted in many different use cases.  Password managers work by encrypting a list of passwords with a single master password and/or token that only the user knows or has. The best also have a built-in password generator that ensures passwords are complex, difficult to guess and changed frequently.

3. Consider URL Filtering

URL filtering is designed to identify categories of websites or specific websites to block from end users. An inexpensive way to implement this is to create a whitelist of websites that are required for your business to function. It can also be deployed as a standalone software tool, a hardware appliance or as an integrated element of a unified threat management solution. Cloud-based solutions can be used for a small monthly subscription fee per user.

Filtering solutions typically cross-reference web address requests against dynamic databases of URLs, IP addresses or even character strings. The database then produces a real-time “safety score,” which your firewall compares to your local policy setting in order to either allow or deny access. The idea is to block content that is inappropriate, unproductive or even illegal in order to reduce the risk of infection by viruses, Trojans, adware and other malware.

More advanced solutions can filter web-based applications, identify malware signatures and examine instant messaging and email to protect against data leakage. They can also enforce access policies on remote and mobile devices that are used outside the network.

There are many other budget-friendly practices organizations can use as part of a layered security posture. Of course, these measures can’t replace more sophisticated security products and services — organizations still need to invest in a variety of prevention, detection and response capabilities in order to limit their risk profile. However, these easy and inexpensive complementary measures contribute to a robust security framework.