Cyber security: 7 best practices to protect your business

According to the CESIN barometer [1] (Club of Information and Digital Security Experts), 1 out of 2 companies suffered between 1 and 3 cyber attacks during the year 2021. Hot topic, companies face these perpetual risks in order to limit the impact on their business. In 2021, 6 out of 10 companies that experienced an attack were impacted on their business.

In a context where cyber threats are becoming more and more common and virulent, we would like to share some best practices with you to protect your business.    

7 best practices to protect your business

• Organize audits of your company's IS

The organization of audits of your company's IS allows you to secure your tools and systems with the help of external actors specialized in intrusion tests.  

• Include security remediation in your DSI roadmaps

Nowadays, several types of remediation exist: short, medium, long term. It is necessary to include these security remediations in your DSI roadmaps not forget to include them in your projects and in any future developments.  

• Develop systematically a risk analysis

During your projects or proposals for new services, it is important to develop a risk analysis. This analysis will allow you to identify and anticipate possible dangers in order to more easily include a response to these threats when deploying projects.  

• Back-up and restore regularly

Backing up and restoring your data regularly allows you to have constant availability of the latter and to know the precise location of the types (Wifi, IP, GSM etc.) and places where you save your information by criticality. Also, remember to test restoring backups regularly.  

• Control user account permissions

Set up a rights control on the user account by applying the principle of least privilege. The implementation of this principle will allow you in the event of attacks, to limit the consequences on the information systems.  

• Log your equipment

Activate logging on your systems and network equipment in order to detect and remedy illicit network access or anomalies on your network.  

• Involve and train your employees

Empower your employees by showing them the behaviors to adopt to good practices. By involving and training your employees, you reduce the risk of attacks on your information system by 70%.

Discover our specialized offer in cyber security: the SHIELD offer.

Extia has developed SHIELD to support its customers in their digital security challenges. By conducting intrusion tests or security audits, our teams are able to secure your information systems regardless of the problems you encounter.

Our teams are made up of experts trained within our internal academy to provide solutions adapted to the environment of each client. Organized into red and purple teams, they have dual technical expertise and advice and know how to guide you for each remedial action.

To contact our teams: shield@extia.fr

[1] : https://www.cesin.fr/actu-7eme-edition-du-barometre-annuel-du-cesin-enquete-exclusive-sur-la-cybersecurite-des-entreprises-francaises.html