While these rules have been borrowed, we’ve injected a few of our own insights that have come from our experience in serving AREASERVED businesses.
Watch What You Click
Many, many threats rely on the end user to actively do something to trigger an infection or other issue. Due to the solutions developed by Microsoft and other security software providers, the idle workstation waiting for a new hire is far less likely to be a security issue than the one next to it, where a user logs in each day to do their job.
This is known to cybercriminals, and so they focus their efforts on targeting end users as their points of entry.
One way they do so is to use email to distribute their attacks. They’ll disguise their threat to look like just another attachment on just another business email, so a user clicks on it and – whoops – there goes your network. Other threats may be bundled in an installation of some other application – kind of like how those browser toolbars that would mess with your computer used to be installed.
Some of these threats, like the browser toolbars, are slowly going extinct through improvements to the software itself, many threats aren’t going away. Scareware can still appear on a website and fool you into downloading the “antivirus needed” (actually just the malware) and infecting your system yourself. Taking a moment and considering what you are about to do before you actually follow through with it may help you avoid a threat. Remember, your IT support provider is always there to help you out if you need assistance in one of these situations.
Keep Everything Updated
Consider how often the software programs you use are updated by their developers. Every so often, developers will release improvements to their existing programs – shoring up issues and bugs in the software, compatibility problems, and adding patches to vulnerabilities, as well as simply adding new features and enabling the software to run more effectively.
Now, can these changes be scary? You bet. I can’t tell you how irked I was when my smartphone’s Gmail app suddenly moved the option to switch inboxes to the other side of the screen. It has been months, and I still have to take a moment to correctly switch from one account to another.
As scary or as frustrating as these updates may be, they usually include some security feature that you can’t afford to neglect. Cybercriminals are relentless in their search to find new ways to exploit the software that millions of potential targets use – as you’d expect them to be. In fact, many of them pay attention to the security updates that developers release, because they know that many people wait to run the update. As a result, the longer you procrastinate a security update, the more you risk falling victim to the precise threat it remedies.
This is exactly why we so frequently recommend that you keep up with your updates, on every device you have that connects in any way to the Internet. Every workstation, mobile device, laptop, tablet, e-reader, every smart appliance in the break room, everything and anything with an Internet connection. While many devices like these have updates applied automatically, you need to be sure – otherwise, you run a much greater risk of a security breach.
Channel Marie Kondo
Speaking of keeping things updated, how many times have you been prompted to update software that you don’t really use anymore? Why not just remove it from consideration?
While your business’ solutions may not, as tidiness and organization guru Marie Kondo says, “spark joy,” they should certainly serve your company some purpose – otherwise, they are just sitting on your network. This means that there’s one more solution that you could easily overlook when the time comes to update (and if you aren’t using it, you very well might forget you have it), meaning that there’s one more potential vulnerability on your network.
As Kondo has said, “Once you learn to choose your belongings properly, you will be left with only the amount that fits perfectly in the space you own.” In other words, it helps to audit your technology, which brings us to our final cybersecurity recommendation.
Audit and Document
There are a lot of decisions that you have, to be frank, forgotten about. Unless you were blessed with the greatest memory in history, there is no chance that you remember each and every choice you’ve made in just the last week, let alone in the last month, or year, or however long you’ve been in operation. So, even if you have the particular scent of a certain terrifying high school teacher’s perfume burned into your brain, or a vivid memory of the first time you tried cauliflower as a child, you’ve probably installed a few applications onto your network that you have no recollection of installing.
As we’ve already established, this can be a problem.
You also need to keep in mind that it isn’t just the odd application that can create these issues. They can also come from old hardware on your network, outdated server settings or online security credentials for your bank, your email, or your social media. An audit can help you catch these kinds of issues before they develop into real problems, and keeping in-depth and detailed records updated can make this process easier over time.
By subscribing to these rules, you stand a much better chance of keeping your company safe for a much, much longer time. However, they aren’t the only things you need to do to be secure. We can help with the rest, too. For more assistance in keeping your business safe, give Level5 Management a call at (561) 509-2077.