Whether you work in a small business, a growing mid-size business, or a large enterprise, protecting your business from cyber threats can seem like a daunting task. A smaller business may not need the robust protections required for an enterprise, but regardless of the size of your business there are five basic steps that are absolutely essential.
By themselves, these steps won’t prevent malware attacks, but they will limit an attacker’s ability to execute their attack and lower the chance that one infected device will spread the problem to other devices on your network.
Don’t Fall for the Myth of a Safe OS
There’s a widespread myth that some devices or operating systems are “safe”, and therefore immune to threats. Unfortunately, that’s a myth that can lead to serious security holes in a
Endpoints such as home computers, laptops or mobile devices (tablets and smartphones) that are thought to be safe may not be protected or even monitored. So when they are exploited – not if, since it’s usually just a matter of time before any device is targeted – these “safe” devices become a gateway to the rest of the network.
All operating systems, the software on them, and the hardware they are running on are vulnerable, and every device that connects to your company network needs to be monitored and protected. For instance, eight significant vulnerabilities in the iOS operating system were identified in March and April 2014.
Protect Employee’s Home and Mobile Offices
Do any of your employees ever use their home computer for work-related tasks? Before you say “no”, stop and think about this statistic from Harris Interactive: 91% of employed Americans work “off the clock”, performing work-related tasks at home.
It’s true that only 1 in 5 working Americans are actually authorized to telecommute or perform most of their work from a home office, but nearly everyone takes some work home for “off the clock” catch up work. This means that user-owned devices such as smartphones, home computers, tablets, USB sticks and even game consoles have become an essential part of protecting your office network.
Why? Because even an employee who follows security best-practices at work may not follow them at home. Consumer Reports wrote this week that 62% of Americans have done nothing at all to protect their online privacy or the security of their mobile devices. Add in the fact that many home computers are used by family members who know little about security best practices, and you have a situation where an employee’s desire to “get the job done” by taking
work home could become the source of a companywide malware infection.
The temptation to ban all connections from external devices, or create a policy against using personally owned devices, may be strong – but it isn’t practical. A better way to handle the problem is to provide employees with security software for their own computers, smartphones and tablets, and regularly scan and audit personally owned devices to make sure they have up-to-date protection.
When you’re considering mobile devices, don’t forget about the need to provide secure mobile printing. Users who need to print documents, images, marketing literature and other digital files may need access to the company printer fleet, as well as their home printer and public print networks. Only a secure mobile printing solution like Breezy, which uses on-device
encryption to protect company data and provides monitoring can ensure that mobile printing doesn’t become the Achilles heel in your data security plan.
Train Users to Use – Not Abuse – Resources
User training is the most important tool a company has in the battle against hackers and malware. Users need to be aware of the fact that using company resources is a right that comes with responsibility, and that abusing the privilege has consequences.
When a system is infected with malware, there are predictable steps as it spreads. Malicious code tries, for example, to create or change files or registry values, copies itself to shared network resources, and create or end processes. To do these things, it needs network privileges.
To minimize malware’s impact on the network, it’s important to match user privileges to user needs. Employees need to have enough rights on the system so they can work and use work-related services, but most employees don’t need all of the privileges they have. To avoid dissatisfied users, training about malware effects and policy enforcement is vital.
For more information about integrating secure mobile printing into your IT plan, download a
datasheet on Breezy for Enterprise or download a copy of The Definitive Guide to Mobile Printing, a free ebook from Breezy.
Photo credit: The photo of the laptop and cell phone user was offered on Flickr under a Creative Commons license.