8 Threats to Watch for This Holiday Season

Here’s a list of holiday season threats and best practices to defend against them.

Netsurion Guest Blogger

November 16, 2020


This holiday season will be like no other with the continued use of remote work, greater online sales, third-party sourcing from across the globe and employees taking much-needed time off. With their support networks and trusted relationships, IT service providers continue to be targeted by attackers. Cyber criminals will take advantage of these distractions to steal sensitive data, hold it for ransom or use MSPs as a stepping-stone to more lucrative victims.

Hackers often strike when businesses let their guard down, gaining access to networks but lying low to strike later. Once centered on key shopping days like Black Friday and Cyber Monday, cyber attacks are now extending across all of November and December and into the new year, making comprehensive vigilance and 24/7 visibility even more challenging. It’s time to fight back against cyber criminals with defense-in-depth resiliency to proactively protect your end customers at this crucial time of year.

Here’s a list of holiday season threats and best practices to defend against them:

  • Step up vigilance during the holiday season: Knowing that businesses will be short-staffed or even preoccupied at the end of the year, cyber criminals intentionally target businesses in Q4. As a first step, keep systems patched and remind employees about cybersecurity risks like phishing and preventative measures. Look for suspicious behavior such as access from countries where you don’t have any operations or customers.

  • Protect data in POS environments: Point-of-Sale (POS) devices enable consumers to complete purchases and transactions safely. These devices access critical infrastructure and assets as well as communicate with payment processors and banks. POS threats can include file-less attacks, ransomware, zero-day attacks and skimmers placed physically on devices. Use PCI DSS compliance standards as the starting point to identify POS risks and best practices. However, it is critical to realize compliance alone is not enough for adequate security.

  • Don’t overlook work-from-home security: Your customers will continue to encounter more cybersecurity vulnerabilities as laptops remain outside the IT perimeter of headquarters. Employees may use work devices for online shopping or charity donations during the holidays, or, conversely, use less-protected personal laptops for work tasks. Layered defenses can help you stay current on remote work threats to rapidly mitigate persistent and well-funded adversaries.

  • Boost endpoint security: With over 70% of threats starting on network endpoints like laptops and mobile devices, it’s clear that traditional endpoint security tools like anti-virus are insufficient. Endpoint protection platform (EPP) capabilities can block and even prevent threats in real time before damage occurs.

  • Use multi-factor authentication (MFA): Adding MFA is an easy way to strengthen your security posture. MFA provides an additional layer of security that can compensate for weak or easily guessed passwords. Make sure you and your end customers are both using MFA.

  • Limit access to data: Access to sensitive information should always be on a need-to-know basis. Today’s security platforms offer role-based access control (RBAC) that restricts users from viewing sensitive data outside their job functions. Remember to take proactive steps to automatically remove access when no longer needed.

  • Conduct vulnerability scanning: Think like a hacker and understand where your vulnerabilities lie. Managed vulnerability scanning identifies, prioritizes and remediates security gaps before attackers find and monetize them. Many compliance regulations such as HIPAA and PCI DSS require vulnerability assessments.

  • Maintain comprehensive visibility and monitoring: A crucial foundation for security teams, a security information and event management (SIEM) system begins with the collection, standardization and storage of security event data to analyze and offer real-time alerts. Examples of suspicious activity that a SIEM detects include excessive or failed logins, authentication attempts that bypass privileged access management, and unusual increases or decreases in traffic or geographies. Managed Threat Protection by Netsurion includes a SIEM managed by a 24/7 security operations center (SOC) purpose-built for the needs of MSPs and MSSPs.
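Two of the checks named in this list, access from countries where you have no operations and excessive failed logins, can be written as simple detection logic over authentication events. The following is an added example, not part of the original article or of any Netsurion product; the log format, the country allow-list and the thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: timestamp, user, source country, result.
# "ZZ" stands in for a country where the business has no operations.
SAMPLE_EVENTS = """\
2020-11-27T02:14:05 alice US success
2020-11-27T02:15:10 bob US failure
2020-11-27T02:15:40 bob US failure
2020-11-27T02:16:02 bob US failure
2020-11-27T02:16:30 bob US failure
2020-11-27T02:17:01 bob US failure
2020-11-27T03:40:00 carol ZZ success
2020-11-27T09:00:00 bob US failure
"""

EXPECTED_COUNTRIES = {"US", "CA"}  # assumption: where staff and customers are
MAX_FAILURES = 5                   # assumption: failures tolerated per window
WINDOW = timedelta(minutes=10)     # assumption: sliding window length


def detect(log_text, expected=EXPECTED_COUNTRIES,
           max_failures=MAX_FAILURES, window=WINDOW):
    """Return (rule, user, country, timestamp) alerts in log order."""
    alerts = []
    recent_failures = defaultdict(deque)  # user -> failure times in window
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines instead of crashing
        ts, user, country, result = datetime.fromisoformat(fields[0]), *fields[1:]
        # Rule 1: a successful login from outside the expected countries.
        if result == "success" and country not in expected:
            alerts.append(("unexpected_country", user, country, ts))
        # Rule 2: too many failed logins for one user inside the window.
        if result == "failure":
            q = recent_failures[user]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()  # drop failures older than the window
            if len(q) >= max_failures:
                alerts.append(("excessive_failures", user, country, ts))
                q.clear()  # one alert per burst, not one per extra failure
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

On the constructed sample this raises one alert for the burst of failures against `bob` and one for the successful login from `ZZ`; the later single failure at 09:00 falls outside the window and stays quiet.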

We’ve Made Your List; Now, Check It Twice!
’Tis the season to be wary of cyber crime, as hackers don’t just attack larger enterprises. Cyber criminals also use advanced persistent threats (APTs) to target MSPs and midsize businesses. IT service providers like MSPs have direct access to many business networks and sensitive data, and hackers seek to exploit this trusted relationship with ransomware and extortion-type techniques. Adversaries often target mid-sized businesses because they are supply chain partners of larger firms or may have security gaps that are easy to exploit.

Hackers are continually reinventing their tactics, techniques and procedures (TTPs) to catch you off guard and evade detection, so it’s important to stay on top of vulnerabilities and real-world attacks. And as you look toward the future, ensure cybersecurity is a year-round priority. Learn more about Netsurion and how our managed threat protection platform, EventTracker, helps you stay secure and maintain customer trust during this busy time of the year.

This guest blog is part of a Channel Futures sponsorship.
