1.Viruses
Nowadays the advice of having a good virus scanner is widely accepted. Ensuring it is up to date is also important to ensure the application can detect newer viruses. Most modern virus scanners now do a lot more than simply analysing files for viruses – they inspect your website traffic, and act as firewalls limiting the network data that can reach or leave your device. We have seen scenarios where a virus scanner has been installed but not correctly configured allowing potential viruses to access a machine.
Manage the risk
It’s important to perform periodic audits of desktops and servers checking the revision, its configuration and the folders scanned.
2.Working remotely
When staff take their devices outside of your office they are exposed to any number of hostile forces.
Manage the risk
Having a good Mobile Device Management (MDM) solution helps separate business data from personal and provides the business the means to remotely delete sensitive data should the need arise (e.g. laptop is lost or stolen). And if you are a regulated business this functionality is critical.
Furthermore, with GDPR, should you have personal identifiable data on your laptop, having a good MDM solution is vital.
3.Vulnerabilities
Simply installing a firewall and virus scanner is no longer sufficient. A more proactive strategy is advisable, regularly assessing vulnerabilities. There are a range of technologies designed to do this. This helps a business plan remediation activity. It’s impossible to eradicate all vulnerabilities so a business can focus on the ones it deems critical.
Manage the risk
Wavex proactive vulnerability services are delivered via our APEX® Secure platform. APEX® Secure is a security service that gives you immediate visibility into where your IT services might be vulnerable to the latest threats and how to protect them.
4.Training
No matter what amount of technology you deploy there is always the risk associated with behaviours. Helping your staff understand your policies and the ramifications of failing to adhere to them is vital. We have often performed benign phishing email tests to staff to monitor which are opened. This provides a helpful guide to who needs additional training.
Manage the risk
Wavex can perform benign phishing email tests - mock phishing emails are sent to staff, monitoring which are opened. The findings from the test provide a helpful guide as to whom needs additional training.
5.Phishing
Another simple fix to minimise the risk of a phishing email is to ensure everyone uses a signature including mobiles. Then should an email arrive from your boss asking you to transfer the company funds to an offshore account you can glance at the signature.
Manage the risk
Currently, few phishing emails replicate the business email signature because they are often created without having access to a real email. Although this doesn’t provide 100% protection it does significantly reduce the risk of an employee acting on a fraudulent request.
