Threats from undetected hacks will only grow in both number and duration. When it comes to keeping your data safe and limiting end user breaches, here are some best practices and tips for a more secure organization in 2019.
End User training is now imperative.
End user computing education isn’t optional anymore, especially if you have a “bring your own device” policy or IoT usage. Hackers not only have an increased attack surface to work with, but also multiple points of entry. Their methods also grow more sophisticated over time, which keeps them one step ahead.
Even the most tech-savvy employees using company-issued devices can unwittingly fall victim to attacks. Mobile spyware is more prevalent. Enterprise-class and iOS devices, long thought to have more safeguards than Android, are now showing vulnerabilities, which Apple needs time to patch. Pegasus is arguably the most well-known and pernicious spyware; it disguises itself as an app download while surveilling the user and/or harvesting data. Others, like Ghost Push and HummingBad, utilize ad clicks (easy for a finger to slip and tap). Botnets like Viking Horde are also able to use both rooted and non-rooted devices, using IP proxies to disguise ad clicks.
End users need to be trained to recognize these threats and not accidentally step on an email or mobile browsing land mine.
Institute stronger standards for passwords and admin policies.
Credit reporting giant Equifax achieved infamy for compromising the security of 143 million people; many accounts were protected by “admin” as both a password and username. People don’t want to remember hundreds of passwords! Only you can prevent your end users from becoming easy targets where passwords are concerned. Institute strong password rules so that passwords cannot be easily guessed. Have passwords changed regularly and keep them strong by using multiple numbers, special characters, and mixed case.
To prevent misuse of admin privileges, disable accounts when people leave your organization or division. You might even want to disable administrative access if it’s not necessary to keep it enabled – this can stop hackers from gaining access to the entire network. Also ask yourself whether a given data set needs to be available to everyone, or only to certain admins at certain times. These are simple precautions that are often ignored.
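The account review described above can be run as a recurring check. The following is an added example, not part of the original article: the HR roster, the directory export, their column names and the 90-day idle threshold are all assumptions made for illustration.

```python
import csv, io
from datetime import date

# Constructed sample data: an HR roster and a directory export (not real accounts).
HR_ROSTER = """user,division,status
alice,finance,active
bob,engineering,left
carol,sales,active
"""
DIRECTORY = """user,division,enabled,is_admin,last_admin_use
alice,finance,yes,yes,2019-01-02
bob,engineering,yes,no,
carol,engineering,yes,yes,2018-03-15
dave,it,yes,yes,2019-01-10
"""

def audit_accounts(roster_csv, directory_csv, today, admin_idle_days=90):
    """Return sorted (user, finding) pairs for enabled accounts that need review."""
    roster = {r["user"]: r for r in csv.DictReader(io.StringIO(roster_csv))}
    findings = []
    for acct in csv.DictReader(io.StringIO(directory_csv)):
        if acct["enabled"] != "yes":
            continue  # already disabled, nothing to do
        user, hr = acct["user"], roster.get(acct["user"])
        if hr is None:
            findings.append((user, "no HR record: disable or assign an owner"))
            continue
        if hr["status"] != "active":
            findings.append((user, "left the organization: disable account"))
            continue
        if hr["division"] != acct["division"]:
            findings.append((user, "moved division: remove old division access"))
        if acct["is_admin"] == "yes":
            # Assumed policy: admin rights unused for admin_idle_days are not needed.
            last = acct["last_admin_use"]
            idle = (today - date.fromisoformat(last)).days if last else None
            if idle is None or idle > admin_idle_days:
                findings.append((user, "admin rights unused: remove admin access"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit_accounts(HR_ROSTER, DIRECTORY, date(2019, 1, 15)):
        print(f"{user}: {finding}")
```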
Know what’s on your network: common business devices are an overlooked threat.
With mobile devices and IoT increasing corporate security concerns, networked devices are a frequently overlooked vulnerability. Multifunction printers, security cameras, and other common devices in your business present an attack area that may be easily hacked. Be aware of what is on your network! Similar to anti-virus programs for computers, there are strong threat detection solutions like Aruba IntroSpect User and Entity Behavior Analysis. Entity360 provides a consolidated view of what’s on your network, whether the device is networked or using wireless access. These programs can sum up hours of investigation in a single view, creating an easier way to find and eliminate threats.
IoT cloud APIs present a weakness and “smart offices” could pay a price for the novelty and convenience.
IoT has proliferated across the home and workplace with everything from lighting systems to coffee makers connected by Wi-Fi. It’s a futuristic marvel we could only dream of decades ago. Now offices have adopted IoT with the same vigor as homes, increasing security concerns.
While not as pervasive as mobile malware and network attacks, IoT devices present a two-fold risk when it comes to their cloud APIs. First, IoT devices and systems are often connected to mobile apps with poor security. With data stored on these apps, an employee simply losing the device, and that device possibly getting into the wrong hands, presents a major risk in and of itself. Second, cloud storage doesn’t provide protection, because cloud APIs for IoT devices have more weaknesses than standard web APIs. They’re often designed with machine-to-machine communication in mind, and security risks aren’t considered. Organizations need to examine this emerging class of risk in their next-gen security plans.
VDIs magnify the risks of ransomware.
As we all know, ransomware encrypts all device files and data. After infection, this data can’t be accessed until the hackers get the ransom they demand – and paying it isn’t even a guarantee. Is there a good option to thwart this type of attack beforehand?
Virtual desktop infrastructure (VDI) has long been a stopgap against threats. VDIs secure desktop systems on centralized servers in data centers and can keep some malicious threats at bay. Only that user and their environment have the chance to get infected, so while their data is corrupted, you save the system as a whole. The problem is that the system resets, so you won’t get the chance to decrypt the data. Your company needs to weigh individual user data against the system as a whole and decide what is right for your environment.
Be realistic: your data is likely to get compromised at some point. Have a backup plan.
It’s not enough to protect against vulnerabilities and keep your data continuously backed up; you need a 3-2-1 backup plan. 3-2-1 means that you have at least 3 copies of your data, where two are local but on different devices, and at least one copy is stored offsite. While this is simple enough at the individual level, the more users and data in your organization, the more complex it is to keep your data regularly backed up offsite.
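To show how the 3-2-1 rule as stated above can be checked across many data sets, here is an added example that is not part of the original article. The inventory, data set names and device names are constructed, and each row is assumed to be one copy of the data.

```python
from collections import defaultdict

# Constructed inventory: (dataset, device holding the copy, "local" or "offsite").
COPIES = [
    ("finance-db", "san-01", "local"),
    ("finance-db", "nas-02", "local"),
    ("finance-db", "baas-vault", "offsite"),
    ("hr-share", "nas-02", "local"),
    ("hr-share", "nas-02", "local"),      # second copy on the SAME device
    ("hr-share", "baas-vault", "offsite"),
    ("cad-files", "san-01", "local"),
    ("cad-files", "nas-02", "local"),
    ("cad-files", "tape-lib", "local"),   # three copies, none offsite
    ("wiki", "nas-02", "local"),
    ("wiki", "baas-vault", "offsite"),    # only two copies in total
]

def check_321(copies):
    """Map each dataset to the 3-2-1 requirements it fails (empty list = compliant)."""
    by_dataset = defaultdict(list)
    for dataset, device, location in copies:
        by_dataset[dataset].append((device, location))
    report = {}
    for dataset, held in by_dataset.items():
        # Two local copies only count if they sit on different devices.
        local_devices = {dev for dev, loc in held if loc == "local"}
        has_offsite = any(loc == "offsite" for _, loc in held)
        gaps = []
        if len(held) < 3:
            gaps.append("fewer than 3 copies")
        if len(local_devices) < 2:
            gaps.append("local copies are not on 2 different devices")
        if not has_offsite:
            gaps.append("no offsite copy")
        report[dataset] = gaps
    return report

if __name__ == "__main__":
    for dataset, gaps in sorted(check_321(COPIES).items()):
        print(dataset, "OK" if not gaps else "; ".join(gaps))
```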
Backup as a service (BaaS) provides an easier approach to the offsite backup requirement. Comport can provide you with a solution that satisfies traditional and cloud backup needs. Backup as a service in the cloud helps create another layer of protection when coupled with continuous backup. In the event devices or entire networks become corrupted or inaccessible, operations continue on new devices with minimal interruption. You will have both peace of mind and an action plan when disaster strikes, so the fewest possible users are compromised.
One thing is for sure: end user threats are growing and there will always be new, ominous ways for hackers to get to your data. Our recommendation is to deal with the security aspects you can, systematically protecting from the edge to the core. Take precautions and invest in your security, but understand it may not be foolproof. Protect your data in other ways by investing in newer backup and disaster recovery solutions that guard your data and your business, even when the hackers do get in.