IT Security Tips from Insiders

IT security is a battlefield on which you can never rest. Your company may have already eliminated all of the most common IT security weaknesses by taking steps such as installing security software, educating employees about the best security practices and investing in an automatic cloud-based backup solution.

Staying ahead of the people who would do your company harm is a constant challenge, though, and you must remain vigilant. Criminals work constantly to refine their techniques; strengthening your security practices now is a good way to remain one step ahead. These are some IT security tips from the insiders.

Don't Delay Software Updates

When a security update becomes available for a software package that your company uses, applying the update isn't always as simple as running a single utility.

You may need to conduct extensive testing to ensure that an update to one program doesn't break another program that your company uses. Finding the time and budget to conduct software update testing can sometimes prove difficult, so your organization may tend to put off installing updates so you can consolidate your testing when several new updates are available.

That's an unwise practice because a security vulnerability in one software product can provide an opening that allows a hacker to access something more critical.

Does your company lack the resources to apply software updates promptly? Consider cloud-based Software as a Service instead. Subscribing to your enterprise software as a service ensures that you're always running the latest version and can significantly reduce your maintenance expenses.

Think Like a Hacker to Identify Security Holes

Sometimes, a company's own servers and services aren't its biggest security holes. In 2018, the United States military discovered that armed forces and intelligence personnel may have inadvertently released sensitive information by sharing the data collected by their wearable fitness trackers.

The Strava Global Heatmap displays the activities of fitness tracker users who elect to share their activities online.

An Australian student studied the map and noticed unusual levels of activity in Africa and the Middle East. Studying the map, it turned out, could potentially reveal the activities of military personnel and the locations of secret military establishments. One security expert surmised that it would be possible to link map data with social network profiles to ascertain the identities of fitness tracker users.

“This is the part that is perhaps most worrisome, that an individual's identity might be pullable from the data, either by combining with other information online or by hacking Strava—which just put a major bullseye on itself,” says Peter Singer, strategist and senior fellow at New America, a think tank based in Washington, DC.

The U.S. Department of Defense vowed to investigate the matter promptly.

Although it's unlikely that fitness trackers pose a security risk to your company, it is crucial for you to understand the applications and gadgets that your employees use while at work. Most people wouldn't find a map of fitness tracker data very interesting. A hacker, however, might find that data very valuable. Are your employees inadvertently sharing data that could harm your company?

Whitelisting Makes a Business Nearly Bulletproof

In IT security, you often have to straddle a fine line. A security policy that helps to keep a company's data safe can also stifle innovation and hamper employee productivity.

Throughout the PC age, many companies have been quick to ban new technologies deemed "too dangerous". Companies have banned CD-ROM drives, USB storage devices, phones with cameras, instant messaging and social networking only to discover later that those technologies have many potential benefits for businesses.

If your company handles extremely sensitive data, though -- and you must do whatever is necessary to lock that data down -- a whitelisting policy may be your best bet.

Implementing a whitelisting policy requires extensive IT resources for the initial deployment and ongoing maintenance. Adopting a whitelisting policy for applications means that the computers on your network can only run applications on a pre-approved list. If you adopt a whitelisting policy for Internet access, employees can only visit websites that you approve.

But this must not be approached on a whim! Whitelisting can hurt productivity. If an employee suddenly can't do his job because he can't visit a website that isn't on the whitelist, his productivity grinds to a halt while he waits for a response from the IT department.

Whitelisting can also stifle innovation because it may cause employees to think more rigidly. A whitelisting policy can, for example, prevent an employee from using the Internet in a creative way to seek out new business opportunities. A whitelisting policy can also prevent an employee from using a third-party application that makes his or her job easier.

On the other hand, whitelisting makes a company almost impervious to malware and common forms of phishing. If an employee clicks a phishing link in an email, the network will block the malicious website. A virus can't execute its payload if every computer on your network refuses to run the infected file.
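How a website allowlist decides on a clicked link, as an added example that is not part of the original article: it compares a weak substring check with a default-deny check on the parsed hostname. The hostnames, the `ALLOWED_*` sets and the function names are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed allowlist: placeholder hostnames, not taken from the article.
ALLOWED_HOSTS = {"intranet.example.com", "mail.example.com"}
ALLOWED_SUFFIXES = (".vendor.example",)  # any subdomain of an approved vendor

def naive_is_allowed(url: str) -> bool:
    """Weak check: an approved name appearing anywhere in the URL passes."""
    return any(host in url for host in ALLOWED_HOSTS)

def is_allowed(url: str) -> bool:
    """Default-deny check on the parsed hostname, HTTPS only."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:          # malformed URL, e.g. a broken IPv6 literal
        return False
    if parts.scheme != "https" or not host:
        return False
    return host in ALLOWED_HOSTS or host.endswith(ALLOWED_SUFFIXES)

# Constructed sample links, as they might appear in an email.
SAMPLE_LINKS = [
    "https://intranet.example.com/wiki",
    "https://portal.vendor.example/invoices",
    "https://intranet.example.com.login.test/reset",   # look-alike host
    "https://login.test/?next=intranet.example.com",   # name only in the query
    "http://mail.example.com/",                        # not HTTPS
]

def audit(links):
    """Return (url, naive_verdict, strict_verdict) for each link."""
    return [(u, naive_is_allowed(u), is_allowed(u)) for u in links]

if __name__ == "__main__":
    for url, naive, strict in audit(SAMPLE_LINKS):
        print(f"naive={naive!s:5} strict={strict!s:5} {url}")
```

The look-alike host and the query-string link pass the substring check but are refused once the hostname itself is compared against the list.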

Smartphones Can Improve the Security of Your Login Process

Left unchecked, employees' network passwords can be a major security weakness for your company. If an employee uses a lowercase English word as a password, that password is vulnerable to a brute force attack.

Your network administrators should implement a policy forcing employees to use complex passwords and to change their passwords regularly. If your company already does that, you can harden your password security even further by implementing two-factor authentication.

The principle behind two-factor authentication is simple: an employee logs in to your network using both something only he should know -- his password -- and something only he should have, such as a smartphone.

An employee begins the login process by entering his network password. The computer then prompts the employee to enter a one-time password. The network delivers that one-time password to the employee's smartphone via a text message or mobile app. Typing the one-time password on the computer completes the login process.

Implementing two-factor authentication means that even if a hacker stole an employee's password, he still couldn't penetrate your network with that information alone. A hacker would have to steal both an employee's password and his phone to log in as that employee. Although that's not impossible to accomplish, it is far more difficult than stealing a password alone.

Machine Learning Can Spot Suspicious Network Activity

Do you remember the antivirus software from the '90s that flagged suspicious software based on potential viral signatures in the code?

Older antivirus solutions flagged so many legitimate programs that they were often more trouble than they were worth. Machine learning has come a long way since then.

Today, there are enterprise security solutions that use machine learning and artificial intelligence to watch all of the activity on your network and automatically flag unusual activity.

  • Is an employee spending an abnormal amount of time in a shared folder that has nothing to do with his responsibilities?
  • Is a user logged in outside his normal working hours?
  • Is someone transferring a large amount of data to a remote IP address?
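The three questions above, turned into checks against a per-user baseline, as an added example that is not part of the original article. It uses plain statistics as a stand-in for the machine learning such products apply, and every event, field name and threshold is constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed events: (user, login_hour, shared_folder, mb_sent_to_remote_ip)
HISTORY = [
    ("alice", 9, "finance", 12), ("alice", 10, "finance", 15),
    ("alice", 14, "finance", 9), ("alice", 16, "finance", 14),
    ("bob", 8, "engineering", 40), ("bob", 11, "engineering", 55),
    ("bob", 13, "engineering", 48), ("bob", 17, "engineering", 52),
]
TODAY = [
    ("alice", 11, "finance", 13),       # ordinary activity
    ("alice", 3, "finance", 10),        # outside her normal hours
    ("bob", 10, "finance", 45),         # folder unrelated to his role
    ("bob", 15, "engineering", 900),    # large outbound transfer
]

def build_baseline(history):
    per_user = defaultdict(lambda: {"hours": [], "folders": set(), "mb": []})
    for user, hour, folder, mb in history:
        b = per_user[user]
        b["hours"].append(hour)
        b["folders"].add(folder)
        b["mb"].append(mb)
    return per_user

def flag(event, baseline, z_limit=3.0, hour_slack=2):
    """Return the reasons (possibly none) why one event looks unusual."""
    user, hour, folder, mb = event
    b = baseline.get(user)
    if b is None:
        return ["unknown user"]
    reasons = []
    lo, hi = min(b["hours"]) - hour_slack, max(b["hours"]) + hour_slack
    if not lo <= hour <= hi:
        reasons.append("login outside normal hours")
    if folder not in b["folders"]:
        reasons.append("unusual shared folder")
    sigma = pstdev(b["mb"]) or 1.0      # avoid dividing by zero on flat history
    if (mb - mean(b["mb"])) / sigma > z_limit:
        reasons.append("large outbound transfer")
    return reasons

def review(events, history):
    """Flag each event against the baseline learned from history."""
    baseline = build_baseline(history)
    return [flag(e, baseline) for e in events]

if __name__ == "__main__":
    print(review(TODAY, HISTORY))
```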

A security solution with machine learning features can spot the unusual activities that your IT staff might miss. If you're ready to implement some top-tier cybersecurity from the experts, consider scheduling a free consultation with the pros at Continuous!