The most valuable assets in your company are also the biggest threats to your network. Whether it’s intentional data theft or overconfidence in the security products in place, your users can be your biggest problem. Failure to “practice safe software” can result in unseen keyloggers that steal passwords and preventable attacks like porn storms (unstoppable rapid fire pornographic pop-ups).
In addition, failure to keep passwords safe can cause unimaginable loss of data. Online surveys promising “free stuff” often result in theft of information like your mother’s maiden name, high school, etc., all words or phrases often used to answer common security questions. This can lead to theft of otherwise secure information. Educate your employees to think before they click!
Social Networking Sites
Social networking sites such as Facebook and LinkedIn have exploded in popularity and can have legitimate business uses. However, the threats from these sites can range from malware (eg. viruses, worms, spyware) to scammers trying to steal identities, information and money. Many businesses use these sites to communicate with and market to clients and prospects, so simply blocking access is no longer reasonable or smart business. Defending your company while at the same time, allowing employees to access these sites requires special security education for your employees and the enforcement of strong acceptable use policies. While this isn’t difficult, most small businesses simply overlook this, leaving themselves exposed to easily preventable threats.
Everyone is going mobile these days, not just the “road warriors.” Once limited to laptop computers, mobile network devices now include smart phones, iPads, Surfaces, Chromebooks, etc. To make matters worse, new appliances and gadgets are appearing in stores every month or so. These mobile devices often contain highly sensitive data yet they are easily lost or stolen. Be sure employees password protect and encrypt data on all mobile devices and deploy a solution that will allow you to wipe data from any lost or stolen device. Be sure also to include mobile devices in your acceptable use policy.
“The Cloud,” in its most simple form, involves using the Internet to access and/or store data. When your employees access email using a web browser, they are working in “the cloud.” Using the cloud for automated off site backup is rapidly gaining popularity and it is just the beginning. Companies like Microsoft, IBM and Google are all working towards the day when we will use inexpensive devices instead of computers to run programs and access data located somewhere on the Internet. As a safety measure, be sure that any data you store and access across the Internet is secure – not just where it is stored, but during the trip to and from the Internet. Talk with your “cloud provider” to make sure they are encrypting your data on their servers, as well as during the trip to and from your computer.
KLH – Minneapolis IT Managed Services Provider
Scott Johnson COO, KLH 651-328-6121