Global Fastener News

NFDA on Cybersecurity: The New Normal

July 24, 2022, 17:11

Cyber crime is a legitimate business in other countries, Will Snyder of WTC Business Technology Services told National Fastener Distributors Association members.

“Plan for a Cyber incident to happen… It is not IF, but WHEN!” Snyder stated. 

Snyder advocates a “shotgun” approach to system vulnerabilities/breaches. This includes security measures, staff training and cyber liability and business disruption insurance.

The first order of business is security. Measures such as DNS proxy, next-generation firewalls (with automatic system updates), GEO blocking (blocking traffic from countries where you don’t do business), content filtering and IPS/IDS (intrusion prevention systems and intrusion detection systems) are essential to help keep your business safe from hackers.

Such measures help “secure the edge,” Snyder explained.

Fastener distributors also need to “secure the endpoint.” This involves next-gen endpoint protection (antivirus) software with 24/7 monitoring, tightening your password policy (a complexity requirement, with passwords changed every six months) and access control, and device updates and patching (using RMM to automate and schedule Windows updates on workstations and laptops).

“Perform an internal vulnerability scan yearly to make sure nothing is missed,” Snyder emphasized.

Fastener distributors also need to secure their networks. This involves an improved password policy and access control and remote machine management (RMM) to support and monitor all network devices.

It’s a very big risk to have your email hosted locally, Snyder explained.

“My brother-in-law has an email server that has worked for the past 20 years: Why do I need to update?” won’t save your business in a cyber attack. 

Most importantly, businesses must secure their data. 

“If everything else fails… having a data backup stored securely can get your business back up and running quickly,” Snyder explained.

To secure company data, put encryption on everything. Likewise, place “smart” cameras on all key areas, such as IT rooms. Use on-premises encrypted server image backups daily. And create documented disaster recovery/business continuity plans to prepare for the worst.

Educating staff on security risks is essential as well. Snyder encouraged “user security awareness training” and having staff take various phishing tests (social media, financial ACH, etc.). Training should occur every quarter, he noted.

In addition, it’s vital to test your business response to everything. Disaster recovery and incident response should be tested at least yearly and backups tested monthly, with all processes documented and the documentation used each year in testing.

These solutions are not expensive but they’re essential in the 21st century, he noted.

“ALL companies are now at risk. Having simple antivirus software is no longer enough.” Web: NFDA-fastener.org
