Recently there has been media coverage of widespread and sustained cyber threats targeting Australian governments and companies by a “sophisticated state-based actor” thought to be from China. It is important that even small businesses and not-for-profit organisations remain “alert but not alarmed” and look to secure and protect their organisation and computer systems as much as they can in an attempt to minimise this threat.
Whilst internet security software will cover selected threats such as viruses, malware and the like, another aspect of this is also ensuring you apply any critical updates to Windows, Office and other programs such as PDF readers and web browsers as quickly as possible (within 48 hours). Many of these can be configured automatically to update on your computer but you may wish to manually check also to see if any updates are available (especially with products which have regular updates).
As well as this, we would also strongly suggest ensuring you have configured your various cloud products such as Microsoft 365 for multi-factor authentication. In addition, internet-connected remote access products such as your accounting packages, remote desktop, virtual private networks and collaboration platforms should also be have multi-factor authentication.
We would also suggest taking additional steps such as those set out by the Australian Cyber Security Centre. They have released a model known as the Essential 8 (link opens in new window), which we use when setting cyber security strategies for our clients. Applying updates and multi-factor authentication are two of the most important strategies set out by the Essential 8 model to consider in light of the current threat, but should only be one part of your business’s cyber security strategy.
If you would like assistance in setting up automatic updates, multifactor authentication or developing your cyber security strategy, please contact us today.