October 6, 2018

Today’s security risks and how to address them

Many companies operate 100 percent digitally, but do not have adequate security for their data and systems. Below are the main security risks you face, and what can be done about them.

#1. Risk from within

One of the greatest risks comes not from outside, but inside: the employee. It is often employees who are unaware of the dangers, with all the risks that entails. They have no ill intentions, but simply lack knowledge about acting safely. They click on e-mail attachments without thinking, use personal devices in the workplace and take sensitive data home with them. They are often lax in setting passwords and forget to install important security updates.

Solution: train your employees
It is important to create awareness and show employees why they are a weak link in the security chain. Level up their cyberskills with training tailored to their position, work and the organization. Employees also need to understand that they may not themselves be targets of attacks, but may be used as “gateways” to access other users and/or organizations.

Solution: mobile device management
Mobile Device Management is a good solution to automatically roll out software and security updates, manage (private) devices and mandate things like multi-factor authentication and VPN use.

#2. Password reuse

Security is often perceived as difficult and time-consuming, especially when it comes to setting unique, hard-to-crack passwords. As a result, most Dutch people use weak passwords or the same login credentials for different online services. A hacker who captures one password thus gains easy access to multiple accounts and systems.

Solution: password safe
Use a password vault like LastPass to improve password policies within the organization. The service can create and renew passwords (automatically if desired), and stores them in the cloud with strong AES-256 encryption. Users only need to remember the master password of the vault itself. For additional security, it is possible to enable multi-factor authentication.

#3. Shadow IT

If security impedes certain processes or is perceived by a user as cumbersome or unnecessary, you can bet he will look for workarounds. If a user cannot access his business files outside the office, he takes the data with him on a USB stick or other data carrier. If that is impossible, he uses e-mail or his personal Dropbox. The use of these kinds of private tools in a business context, unapproved and unsupported by the ICT department, is called Shadow IT.

Solution: open it up for discussion
Shadow IT poses a major security risk and can cause your organization to be non-compliant with the GDPR (known in the Netherlands as the AVG). Blocking or ignoring shadow IT is not an option, so make it a topic of discussion and use it as a starting point for understanding employee needs and concerns. Offer solutions that promote both security and ease of use, such as an enterprise app store with secure applications and services.

#4. Visual hacking

When people think of cybercrime, looking over someone’s shoulder is not the first thing that comes to mind. Yet this form of “visual hacking” is very effective for obtaining someone’s login credentials, passwords or business information.

Solution: a privacy filter
Prevent others from reading along by lowering the screen brightness or using a privacy filter. This is a foil or film you stick over the screen that greatly reduces readability from a distance (or from a certain angle). The disadvantage is that such a screen filter is quite difficult to remove when you temporarily do not need it. HP has therefore developed Sure View, an integrated privacy filter that you activate at the touch of a button.

Solution: Work Wise
Do you go to the bathroom or get coffee? Then someone can still quickly look at your screen. To prevent that, the latest generation of HP Elite computers includes Work Wise. This automatically locks the computer when you walk away. If someone does try to access the device in the interim, you will receive a notification on your smartphone.

#5. Visual hacking 2

Visual hacking includes tracking keystrokes and browser activity. This allows the hacker to find out your passwords.

Solution: don’t use public Wi-Fi
You won’t prevent this with a filter, although it helps to use an up-to-date virus and malware scanner. Want to prevent your Internet session from being taken over by a hacker? Then don’t use public Wi-Fi hotspots, and encrypt your Internet connection with a VPN.

#6. Eavesdropping

Hackers watching through your webcam or listening in through your microphone: it still happens. For example, reports regularly appear in the media about hackers who were able to watch and/or listen in on the devices of unsuspecting victims undetected for years.

Solution: webcam cover
This is partly why more and more people are taping over the webcam and microphone on their laptops. Practical, but a piece of tape does not look very attractive or professional. More and more laptops therefore have a built-in webcam cover, including HP’s fifth-generation EliteBook (830, 840 and 850). This lens slider, which you can easily open and close, is a more elegant solution.

Solution: EOL
In addition to shielding the webcam and/or microphone, the system administrator can also play a role here. With HP EOL, you prevent sensitive company data from leaving a PC, knowingly or unknowingly. For example, the system administrator can deny users access to the USB ports, speakers, microphone and webcam, or grant them access for only a short period of time. In doing so, make sure it remains workable, otherwise you run the risk of shadow IT (see risk 3).

#7. Browser attack

Most cybercriminals look for the easiest entry point to crack a system. Often it is the browser, since it offers the same potential risks on virtually all machines, such as zero days.

Solution: Sure Click
One smart technology that can combat this is Sure Click. This feature places each browser tab in its own hardware container, so that a malicious website the user visits cannot infect other tabs or the entire system. The user need only close the corresponding tab.

#8. BIOS attack

One of the newest methods by which hackers take control of devices is the BIOS attack. Malware increasingly targets this component, which provides communication between hardware and the operating system, since a successful infection can go undetected. It cannot be stopped by an antivirus program or operating system reinstallation. Moreover, many BIOSs use the same code, allowing malicious actors with the same skills to hack multiple systems.

Solution: Sure Start
It is therefore becoming increasingly important to secure systems at multiple levels: not only at the OS level but also at the hardware level. HP Sure Start provides BIOS protection that checks before and after booting for such things as rootkits trying to tamper with the BIOS. If necessary, the BIOS can be restored to its original state using a copy stored on a special chip.

#9. Not updating

Software, apps and the computer itself all regularly require an update, but far from everyone installs them. That is dangerous, because those updates are often needed to plug the latest security holes. The longer you don’t update the software or device, the greater the security risk.

Solution: automate updates
You can require your employees to perform all updates, but in practice it often doesn’t work out and notifications are clicked away. Therefore, make sure updates are automatic as much as possible. There are handy tools for that. For example, with the HP Manageability Integration Kit (MIK), system administrators can easily manage security settings for a large number of computers and perform updates without having to be physically present at the devices.

For every new security patch, a hacker is ready to find an undiscovered path to data. Want to know how to stay one step ahead of hackers anyway? Then come to the SecurITy Festival on November 14 in Utrecht. More information and sign-up can be found through “events”.
