In general terms, there are two different types of hacks: preventable hacks at the individual/employee company level and unpreventable hacks which should be countered from a managed service provider. Today we will give you some tips on prevention at the user security level. Many hackers or would-be surveillers’ can be thwarted at the user-level from accessing the individual’s accounts and devices, without much effort from the user.
Attackers can often infiltrate companies due to faulty security. Oftentimes, they can walk through the door and gain access to a server room and other important devices through a few simple techniques. It is important to remain aware for identification of potential intruders in a company. Some standard procedures can be implemented to secure your company’s office:
- Installing strong locks on doors, using hard-to-copy keys.
- Don’t issue more keys than necessary, while leaving some keys in access-controlled locations.
- Keep those doors locked.
- Install access control, video monitoring, biometric scanning systems and intelligent cameras.
- Be aware of potential intruders and be cautious upon approach.
Within the realm of an individual user’s computer, applications, files and other devices, there are some standard steps which should be adhered to for remaining protected. The following is a list of basic techniques to be implemented at the user level.
KEEP YOUR APPS UP TO DATE
One of the easiest and most integral digital security tasks as a user is to consistently update software (Operating Systems and apps) and system devices to the newer versions. Cybercriminals’ tend to go after “soft-targets”, such as: outdated software flaws in word-processing tools, spreadsheets, PDF readers and old web browsers. Not applying a security update is like not changing the lock to a door after anybody can access the key. GlobeNet’s Platinum Managed I.T. Services tools includes automatic security features updates for each application.
PASSWORDS
Next up are Passwords. Many users will reuse the same passwords over many of their applications. When remembering multiple passwords gets to be a bit much, a password manager can be of great resource. Password managers simplify the process by developing strong passwords for each of your accounts. The key feature of a password manager is that it will remember each password, where the user only needs to remember one secure password to unlock and manage them all. If you want to get really secure, make sure that your password manager can encrypt your data. The company LastPass is an example of a reputable, super secure Password Manager.
TWO-FACTOR AUTHENTICATION
The next link in the security chain is Two-Factor Authentication (2FA). 2FA grants computer access after successful presentation of two (or multiple) forms of evidence- usually numbered codes. Make sure to get an authenticator app instead of using text messaging (SMS 2FA)- which is less secure. Apps like Microsoft Authenticator and Authy are good options. If you want to get ultra-secure in 2FA, setting up a security key or a physical token is highly suggested because it is nearly impossible to hack through phishing. The keys can connect to a computer wirelessly or through USB ports. If using this option, make sure to have a backup key or have recovery codes stored safely. Keys like YubiKey and Titan Security Key are great options for this security measure. GlobeNet has partnered with Duo (a Multi-Factor Authentication platform) which provides security assurance solutions for your company’s applications and infrastructure.
USE ANTIVIRUS AND ADBLOCKER
A tried and true method. If your computer has Windows 10, you have an antivirus engine already installed, named Defender. If you like you can always let a third-party provider run their own Antivirus software on your system. Adblockers can protect from embedded malware in advertising from nefarious sites or sometimes even legitimate sites. AdBlockers like Adblock Plus and uBlock Origin are some common choices.
BACK UP YOUR FILES
Disconnect the network and back up the files to an external hard drive. Store the hard drive in safe location, unplugged from the computer. GlobeNet provides Backup and Disaster Recovery (BDR) solutions to ensure data safety and guarantees you’ll be back in business quickly. GlobeNet’s BDR secures your most vital information is backed up and readily accessible, safeguarding complete data continuity for your business.
OVEREXPOSURE AND SOCIAL NETWORKING
Pictures of detailed personal information like flight boarding passes and credit cards should never be tweeted or posted on Facebook or Instagram. Be aware of the information you post on social networking sites, as hackers are very likely to find personal information about you to try cracking your passwords and other techniques to gain access to your accounts. When business intelligence sites and a companies’ social media sites connect to external sites, those links can be ascertained by hackers for information about that business’ data centers, office locations, organizational structure, key personnel and c-level executives. Once key personnel have their social media accounts exposed, further data points are ascertained for use in social engineering attempts and email phishing campaigns.
BEWARE OF PHISHING
Never click on an email from a sender you don’t recognize and don’t click the links within if the email seems suspicious. It only takes a few minutes for an advanced hacker to access your contact list, all the other contacts of your company, their contacts, and sooner rather than later- administrative privileges. While end users cannot stop hacks into email and cell-phone providers or companies that store your financial information- training employees to avoid phishing attacks and reuse of stolen passwords could save your company from losing customers and reputation.
OPEN ATTACHMENTS CAUTION
Malware can be hidden inside of attachments such as PDF’s and Word Documents. While a strong antivirus program can thwart most of those attacks, better to be safe with good habits. If you don’t know the person sending the open attachment (or links), don’t click. If you have a question about opening any attachment, talk with your managed services provider before doing so.
The basic aspects of physical security (monitoring, access control, intruder awareness) and I.T. security (updates, strong passwords, 2FA, antivirus programs and adblockers) are well within your company’s control at the user level. Following these steps will rapidly increase the user’s device and application security from pliable to robust. Whereas taking a proactive approach to security at the user-level is better than no security at all, the reality is that businesses can’t always stop potential threats from accessing networks, systems and devices. Fortunately, GlobeNet takes care of everything for our clients. Our Platinum Managed IT Services offers complete IT infrastructure customer support. The Profile and Protect approach GlobeNet utilizes updates clients to the minute on the threats and risks to your business. Our comprehensive cyber security framework allows you to maintain regulatory compliance, manage risks, and protect your bottom line through the incorporation of the latest industry standards and Defense-in-depth strategies. From small, single location offices, to multi-city enterprise organizations, GlobeNet has extensive experience in the design and implementation of complete business I.T. environments.
Want to lower your business costs while improving productivity? Call, email or visit https://globenetllc.com/request-a-consultation/ today to schedule a consultation for your company.
Anthony Coco