Our long history of providing advanced network solutions has given us the expertise we need to fulfill the digital requirements of Ontario’s innovation community. That commitment extends to ORION’s work in cybersecurity. Keeping our digital community safe is vital to supporting Ontario’s research and education community.
Our community approached us to help support their cybersecurity needs and we have expanded our services to improve our community’s cybersecurity posture.
Together, with Ontario’s research, education and innovation community we can work together to navigate today’s complex technological landscape.
The Top Ten Things You Can Do to Protect Your Enterprise
1. Keep your assets up to date and fully patched. This means maintaining an inventory of your IT assets and keeping them up to date; disabling unused ports and services; and implementing antivirus/anti-malware/anti-phishing technologies to prevent, detect, and mitigate malware, including ransomware.
2. Examine your data and consider eliminating or archiving things you no longer need. During a cyberattack, the mean time to inventory, detect, and respond are three important metrics that can impact the breach costs for your organization.
3. Put your disaster response plan to the test and correct any parts of the process that do not go as planned. Everyone on a team should understand their roles and responsibilities for responding to a cyberattack.
4. Continuously build in employee cybersecurity awareness through bulletins, text, or email alerts, regular training, and other activities. This will demonstrate to employees that vulnerabilities arise and pose a threat to the entire organization.
5. Report social engineering incidences to your organization’s security team. The best example of this is a phishing email—fraudulent messages containing spam links or attachments.
6. Implement multi-factor authentication. MFA adds an additional layer of security around sites containing sensitive information and makes it more difficult for unauthorized people to log in as the account holder.
7. Safeguard protected data. Keep high-level data protected (e.g., credit card and health information) off your workstation, laptop, or mobile devices, and securely remove sensitive data files from your system when they are no longer needed. In addition, always use encryption when storing or transmitting sensitive data.
8. Be aware of who is accessing your accounts. Regularly review what accounts are active on your operating systems and devices. If you don’t recognize the account or if they have not logged in for a long time, disable or remove them.
9. Never leave devices unattended. Keep your devices locked so no one else can use them. If you keep protected data on a flash drive or external hard drive, make sure these devices are encrypted and locked up as well.
10. Back up your data. If you are a victim of a security incident, the only guaranteed way to repair your computer is to erase and reinstall the system.
We extend our sincere thanks to David J. Smith for permitting the use of content from:
Syms, F., & Smith, D.J., (2023). Cybersecurity in Canada: Operations, Investigations, and Protection, Securing the Enterprise (p. 277). Emond Montgomery Publications Limited.