Cloud Alerting is essential, but what else can you do to prevent attackers from getting in at all?
MFA: Multifactor authentication is the #1 thing you can do, and FOR FREE, to secure your cloud environment.
- This old hat to you? Good! Most businesses still don’t have it implemented!
- Remember…You need MFA in everything. Even your social media accounts.
Conditional Access Policies: These are technical policies that restrict when and where users can log in. The most common one we implement at [JM Addington Technology Solutions / CyberSecureRIA] is geographical:
- You can only log in from the USA.
- Exceptions: Remote workers and wherever you vacation if it’s out of the country.
Turn on Email verification (DKIM/SPF): DKIM and SPF are public-facing technical records used to prove that your server sent emails – if a record doesn’t match or is missing it gets flagged as spam or malicious content.
- This goes a long way to prevent phishing attacks. An attacker can’t use your actual domain without tripping red flags.
Turn on the built-in protections. Microsoft and Google both have protections built into their products.
- Reality check: At [JM Addington Technology Solutions / CyberSecureRIA] we don’t see them turned on until we turn them on.
Examples include:
- Antiphishing technology
- Antispam technology
- Safe Links
- Safe attachments
- Turning off insecure ways to login
What about all of those external sender warnings? Keep these on, but don’t confuse actual security with security theater.