Computerware Blog
3 Mistakes that Can Slice Through Your Security
One technology misstep a business will make is to think that having one good anti-virus program is all they need. Having strong security software is just one part of the security equation; the habits of the user are equally important and are often neglected. An inexperienced user can void even the best security software.
You can think of your company's network like a power tool. It's designed to make your job easier, but like a power tool, when it's mishandled, it can be dangerous. The blade that can so easily cut hardwood will also cut through bone. Even with all the security features that come with a power tool, in the hands of a dummy, a hand may be lost.
Training employees to properly use your computers is just as important as having shop class for a young craftsman. Nobody who values safety will give a teenager a circular saw and say, "Build me a piece of ornate furniture." If you want to have an inexperienced woodworker build you a chair using a bandsaw, then it would be smart to have a first-aid kit handy.
Before you give a new hire login credentials and grant them access to your network, you will first want to send them to network security shop class. Here are three security practices you will want to train your new employees in that will keep your data and everybody's fingers safe.
Be Careful What You Download
All it takes is one slip up to bring down your entire system with a single bad download. Without clear Internet usage policies in place, or if an employer doesn't take the time to assess their new employee's understanding of security fundamentals, then you are leaving your network vulnerable to malware from bad downloads.
One common scenario where bad downloads happen is when an employee finds a better way to do their job using different software than what your company provides. They will then download this software, even if it means clicking "override" when your fancy anti-virus software warns them of the risks. An employee that hits "override" may not understand that their favorite software may have been developed by a third-party company, and they come loaded with malware and spyware that will wreak havoc on your network.
To be clear, it's okay to have employees download and use different software, but if you want to prevent disasters like this, then you will need to first train your team in the basics of network security, or at least have them first communicate to your IT support team what they want to download so it can be tested.
Don't Make Wireless Access Too Easy
If your wireless network was not setup with strong security in mind, then it's possible that an amateur may have thrown together your wireless router and passwords in an effort to quickly get everything up and running. It's easy to setup a wireless network (many wireless devices are designed for plug and play), but it takes effort to properly stay on top of wireless security. This means using complex passwords, regularly making new passwords, giving each user their own login credentials, and more.
A common mistake that a network administrator will make is to have one easy-to-remember password, like "guest," for everybody in the company to use. This approach to wireless network security can be detrimental because it also makes access to the network easy for hackers.
Think about how many different employees have come and gone since your wireless network was set up. Employees may have unintentionally passed on their working passwords to the wrong people, giving strangers full access to your company's files. This is a classic human error that can override even the best security software.
Know What E-mail Scams Look Like
E-mail threats are well known, and some scams are obvious, like the one's promising miracle pills. Then there are the e-mail scams that are more deceptive and use the logo of your bank or pretend to be from a long lost friend. Even some of the brightest employees can fall for these scams.
A failure like this often stems from a lack of training and doesn't necessarily reflect on the intelligence of the victim. For example, a high school student who has perfect grades yet lacks training on how to handle a power tool, will make a fool of themselves in advanced shop class, and may even lose a finger or two.
When an employee falls for an e-mail scam, it works the same way as when bad software is downloaded. Even though your anti-virus software may warn, "This attachment is bad," a determined employee can still click "Override" because they really want to claim that prize.
There is a variety of e-mail scams hitting your inbox all the time, and new ones are being dreamed up every day. If you include even a 30 minute overview of what to look for with e-mail scams with your new hire orientation, then you will be saved a major security headache down the road.
Don't get us wrong, having strong security software on your network is vital, and to that end we recommend our Unified Threat Management tool. A UTM solution can filter out the Internet's most dangerous websites and keep track of which employees are doing what online; but even Computerware's bulletproof UTM can be brought down by an untrained 9 fingered employee.
If you would like more information about our UTM security solution, or you would like assistance in training your employees on how to safely use your network, then give Computerware a call at (703) 821-8200!
Comments