IT Connection Nightmares and How to Prevent Them
It’s just another day. You get home, make dinner, then flip on the news and grab your laptop, hoping to catch up on email after a hectic day at the office. As you begin to sift through your inbox, your computer suddenly freezes. A message appears notifying you that your email and laptop have been hacked. Unfortunately, scenarios like these are becoming all too common and many businesses are being impacted by these frequent IT security breaches. Luckily, there are steps you can take to prevent being a part of the most common IT connection nightmares.
Nightmare #1: Network Ransomware Attacks
With recent cybersecurity attacks such as WannaCry permeating the news in 2017, businesses across the globe are experiencing the nightmare of network ransomware breaches. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid, and is quickly becoming one of the most popular forms of online attacks today. Beginning as early as 1989 with the AIDS Trojan attack, ransomware is evolving on a massive scale and predicted to cost over $6 trillion annually by 2021, according to Cybersecurity Ventures.
To prevent ransomware attacks, organizations need to make network security a top priority. Deploying anti-virus and anti-malware software is the first step in preventing cybersecurity breaches. To further protect the network, organizations can restrict access control at certain levels. For example, the United States Computer Emergency Readiness Team (US-CERT) recommends configuring access controls (file, directory, and network share permissions) with least privilege in mind. Simply put, users who require access only to read documents, files, etc., should not have access to edit those specific files, directories or shares.
Nightmare #2: Cloud Security Breaches
No organization is completely safe from data breaches. With retail corporations such as Target and health insurance organizations like Anthem experiencing breaches to customer data in the past, the fear of experiencing a cybersecurity breach is at an all-time high. Many organizations tend to rely on securing sensitive data in the cloud. Around 18.1 percent of all documents uploaded to the cloud contain sensitive information. As the cloud continues to be a secure route for many, Gartner predicts that 95 percent of cloud security failures through 2020 will be the customer’s fault.
Don’t let your organization become another statistic. Take these secure measures to protect your customers. Implement Multi-Factor Authentication (MFA), which provides a higher degree of assurance of the identity of the individual attempting to access a resource, such as a physical location, computing device, network or database. MFA creates a multi-layered authentication process, making it more complicated for an unauthorized user to gain access to sensitive data.
Encryption is also key to preventing security breaches. Encryption works to make intercepting and compromising data harder as it converts data into indecipherable text that cannot be read by unauthorized users. Not all data encryption solutions are one and the same. Invest in a system that utilizes end-to-end encryption to protect data from the cradle to the grave so only the sender and receiver can authorize the information.
Nightmare #3: Lack of IT Cloud Security Training
Even if an organization invests in top security solutions, obtains secure network access and ensures encryption of all communications and authentication procedures, sensitive data could still be at risk to hackers. Consider, for example, an employee who decides to bring a device from home (such as a tablet) to the office to access work emails throughout the day. The tablet may not be set up with secure software or anti-virus protection, thereby running the risk of being connected to an unsecured network. Imagine the nightmare of having dozens or even hundreds of unsecured devices of this type connected to your organization’s network and accessing the cloud.
A recent study conducted by Ponemon Institute found that only 35 percent of senior executives think it is a priority to ensure that employees are knowledgeable about how data security risks affect their organizations, and 60 percent say employees are not knowledgeable or have no knowledge of the company’s security risks. The study also found that over half (55 percent) of companies surveyed have already experienced a security incident due to a malicious or negligent employee.
With many organizations, bring your own device (BYOD) policies are becoming a common practice, and although this can foster a friendly and connected atmosphere in the workplace, it also creates the potential to incite a security breach. If your organization has a BYOD policy, or is considering implementing one, it is important to develop, institute, and practice company-wide employee education programs and courses to identify scams, malicious links and weak passwords. Password requirements commonly fall through the cracks of security. A 2015 security analysis found that along with weak remote access security 94 percent of breaches were due to weak passwords.
Security is crucial at every level of an organization and adopting a culture of security awareness can mean the difference between an IT connection failure or success. Fortunately, when prevention steps are strategically placed, organizations can rest easy knowing that they have safely put the most common IT connection nightmares to bed.