Page 70 - Grapevine NovDec 2021
P. 70
International News
information on the Dark Web for a tidy profit and 2. Two-Factor Authentication Is a MUST . Make
scarily enough, you might never know you’ve been sure to implement two-factor authentication
compromised. around all of your company’s key software
applications and systems, providing an addi-
Just Enough Rain to Stress the Vine: tional layer of security. Never, ever reuse
A walk in the cloud(s) passwords across accounts or devices, and
if your budget allows, implement solutions
In the face of myriad risk and attack vectors, it’s that employ a Software Defined Perimeter
tempting to take the path of least resistance, and (SDP) approach. Be aware, however, that
send up a prayer that you’ll be among the lucky while these solutions offer advanced secu-
ones to not suffer a cyber breach. But in today’s rity, because they are more complex they
climate, that’s risking a lot more than bottle shock. are costlier; plus, there are the added costs
Companies today, regardless of their size or indus- associated with hiring staff who have the
try, need to assume that it’s not a matter of if proper expertise to manage them.
they will be targeted by cyber crime, but when.
Depending on your size and budget, running a full- 3. Operate on a need-to-know-basis. In gen-
scale Security Operations Center might not be in eral, it’s a good idea to limit the amount
the cards, but there are steps you should be taking of network access your employees have
to protect your business today and in the future: — compromised accounts can be used to
create shadow employee accounts which
● Suspicious emails should trigger the same in turn can be used to move around a net-
reaction as a wine that’s corked. Avoid it at work. It’s especially important that top-level
all costs. Phishing emails are a popular attack executives and owners aren’t given the full
vector, and unless you know what to look for set of keys to the kingdom just because
(and how), you are putting yourself and your they’re the boss. Senior-level employees
company at risk each and every day. Educate and owners are prime targets for cybercrim-
your staff on what to look for and make sure inals looking for ways to infiltrate a system
that whatever training they receive is specific and move around with impunity. Someone
to the vineyard/wine industry. People like to might ask why your front-desk staff is nos-
think they won’t fall for the “Congratulations! ing around a payroll system, but no one will
You’re a winner” emails, but are they prepared question the boss.
to investigate those emails from your attorney
or best vendor? Additionally, you should ensure 4. Virtual private networks (VPN) are more
that your department systems are segmented, than a good idea. They provide secure and
preferably using the principles of Zero Trust. encrypted connections between systems
That way, if one person accidentally opens a (files shares, email servers, etc.) and ensure
malicious email, they won’t be granting a hack- that your communications can’t be inter-
er access to the whole system. cepted.
● Maintain Security Hygiene: Network systems 5. Lock down your operational technology (OT)
need to be maintained and cared for just as you systems and ensure that they are not left
would oak barrels. Security hygiene is a critical internet-facing.
component of cybersecurity and at the very
least should include: ● Automation technology is complicated and pro-
tecting it, even more so. You can’t assume that
1. Regularly patch and update your software everyone further down the supply chain is tak-
You’d be surprised at the number of breach- ing a serious approach to cybersecurity or even
es that could have been avoided simply knows where to start. It’s incumbent on you to
by keeping software systems patched and protect your business, so talk to the experts. Be
up-to-date. It’s estimated that a third of all sure to talk with your insurance providers, legal
data breaches come as a result of unpatched team and other key vendors to ensure you have
vulnerabilities when patches were available. a plan in place for when the inevitable happens.
(Looking at you, Equifax).
Page 68 The Grapevine • November - December 2021 877-892-5332
Grapevine Main Pages GV111221_Layout 1-1 .indd 68 10/26/21 3:44 PM
