Many companies work 100 percent digitally, but do not have the security of their data and systems in order. Below are the main security risks you run, and what to do about them.
#1. Risk from the inside
One of the biggest risks does not come from the outside, but from the inside: the employee. Often these are employees who are unaware of the dangers, with all the risks that entails. They don’t have evil intentions, but simply lack knowledge about working safely. They click on email attachments without thinking, use personal equipment in the workplace and take sensitive data home. Often they are lax in setting passwords and forget to install important security updates.
Solution: Mobile Device Management
Mobile Device Management is a good solution to automatically roll out software and security updates, manage (private) devices, and make things like multi-factor authentication and VPN usage mandatory.
#2. Reusing passwords
Security is often perceived as difficult and time-consuming, especially when it comes to setting unique, hard-to-crack passwords. As a result, most Dutch people use weak passwords or the same login details for different online services. A hacker who finds out a single password can then easily access multiple accounts and systems.
Solution: password vault
Use a password vault like LastPass to improve password policy within the organization. The service can (automatically) create and refresh passwords if desired, and keep them in the cloud with strong AES-256 encryption. Users only need to remember the master password of the vault themselves. For added security, it is possible to enable multi-factor authentication.
#3. Shadow IT
If security impedes certain processes or is perceived by a user as tricky or unnecessary, you can bet that he will look for workarounds. If a user outside the office is not able to access his business files, he takes the data with him on a USB stick or other data carrier. If that’s impossible, he’ll use email or his personal Dropbox. The use of this type of private tool, not approved or supported by IT, in a business context is called Shadow IT.
Solution: make it open to discussion
Shadow IT poses a high security risk and can mean that your organization does not comply with the GDPR guidelines. Fighting or ignoring Shadow IT is not an option, so make it open to discussion and use it as a starting point to understand the needs and problems of employees. Provide solutions that promote both security and ease of use, such as a business app store with applications and services that have been found to be secure.
#4. Visual hacking
Anyone who thinks about cybercrime won’t immediately think of someone looking over your shoulder. Still, this example of visual hacking is a very effective way to get someone’s login details, passwords, or company information.
Solution: A privacy filter
You can prevent people from looking over your shoulder by lowering the screen brightness or using a privacy filter. This is a foil or film that you stick over the screen and that greatly reduces readability from a distance (or from a certain angle). The downside is that this screen filter is quite difficult to remove if you (temporarily) no longer need it. HP has therefore developed Sure View, an integrated privacy filter that you activate at the touch of a button.
Solution: Work Wise
Going to the bathroom or getting a coffee? Then someone can quickly look at your screen. To prevent that, the latest generation of HP Elite computers includes Work Wise, which automatically locks the computer when you walk away. If someone tries to access the device in the meantime, you will receive a notification on your smartphone.
#5. Visual hacking 2
Visual hacking also includes tracking keystrokes and browser activities. This allows the hacker to find out your passwords.
Solution: Do not use public Wi-Fi
You won’t prevent this with a filter, although it helps to use an up-to-date virus and malware scanner. Want to prevent your internet session from being taken over by a hacker? Then don’t use public Wi-Fi hotspots and encrypt your Internet connection with a VPN.
Hackers watching through your webcam or eavesdropping on your microphone: it’s still happening. For example, media reports regularly appear about hackers who were able to watch and/or listen unnoticed for years via the devices of unsuspecting victims.
That’s why more and more people tape over the webcam and microphone on their laptop. Practical, but such a sticker does not look very attractive or professional. More and more laptops therefore have a built-in webcam cover, including HP’s fifth-generation EliteBook (830, 840 and 850). This sliding cover for the lens, which you can open and close easily, is a more elegant solution.
In addition to shielding the webcam and/or microphone, the system administrator can also play a role in this. With HP EOL, you prevent sensitive company data from (un)knowingly leaving a PC. For example, the system administrator can deny users access to the USB ports, speakers, microphone and webcam, or grant it for a short period of time. Make sure that things remain workable, otherwise you run the risk of shadow IT (see risk 3).
#7. Browser attack
Most cyber criminals look for the easiest way into a system. Often that is the browser, because it offers the same potential risks on almost all machines, such as zero-days.
A smart technology that can act against this is Sure Click. This feature places each browser tab in its own hardware container, so that a rogue website that is visited cannot infect other tabs or the entire system. The user only needs to close the tab in question.
#8. BIOS attack
One of the latest methods by which hackers take control of devices is the BIOS attack. Malware is increasingly focusing on this component, which provides communication between hardware and the operating system, because a successful infection can take place unnoticed. It cannot be stopped by an antivirus program or by reinstalling the operating system. In addition, many BIOSes use the same code, allowing malicious people with the same skills to hack multiple systems.
Solution: Sure Start
It is therefore becoming increasingly important to secure systems at multiple levels: not only at the OS level but also at the hardware level. HP Sure Start provides BIOS protection that checks before and after startup whether there are rootkits trying to tamper with the BIOS. If necessary, the BIOS can be restored to its original state using a copy that is kept on a special chip.
#9. Not updating
Software, apps, and the computer itself: they regularly ask to be updated. But not everyone does so. That is dangerous, because those updates are often needed to close the latest vulnerabilities. The longer you go without updating the software or device, the greater the security risk.
Solution: Automate updates
You can oblige your employees to perform all updates, but in practice this often doesn’t happen and the notifications are clicked away. Therefore, make sure that updates take place as automatically as possible. There are useful tools for that. For example, the HP Manageability Integration Kit (MIK) allows system administrators to easily manage and perform updates for a large number of computers, without having to be physically present at the devices.
For each new security patch, a hacker is ready to find an undiscovered path to data. Want to know how to stay one step ahead of the hackers? Then come to the SecurITy Festival on November 14th in Utrecht. You can find more information and register via ‘events’.