The world is increasingly going mobile, and mobile devices like smartphones and tablets are set to overtake desktop and notebook computers in terms of Internet access by the middle of the decade. Even notebooks are increasingly becoming more and more mobile, with the advent of the Intel Ultrabooks and even smaller netbooks. As such, enterprises are finding themselves increasingly concerned about the security of employee devices.
Employees are now free to bring their own devices at work, and work devices are likewise being brought home. Some staff would be allowed to work on a telecommute basis, thereby resulting in cost savings from transportation and office facilities.
The inherent danger here is security, which can include theft of devices or the data within. This can also include viruses and other malware being brought into the corporate network using the employee devices as carriers.
Here are five tips businesses for protecting staff computers and corporate networks from potential attackers.
- Use an antivirus software or platform. This might sound like a cliché, but antivirus software is an essential part of any IT department’s security platform. Antivirus software should be your first line of defense against malware that may run on computers. These could be transmitted through email, USB flash drives, or smartphones connected to the network. The trick here is to find a balance between security and performance, so that the antivirus software does not degrade a computer’s speed, or take up too much of the computer’s – and network’s – resources.
- Implement regular updates. There’s a reason that major operating systems implement weekly updates. This is meant to patch security vulnerabilities and improve system performance. IT departments should be able to manage their staff computers’ patches, such that every computer system is up-to-date. This is usually handled automatically by the desktop operating system, although IT departments can download the patch and propagate these through the individual computers either via remote control or manually. Patching should include both operating system patches and vulnerabilities, and those of individual applications and services that require updates.
- Enforce secure privileges. IT departments should make it a point to limit administrator access from a user’s end, in order to prevent installation of unwanted software, whether with the knowledge of a user or inadvertently. This can help minimize infections from malware inserted through USB flash media, discs or the network. IT administrators should likewise make it a point not to rely too much on group policy settings like Microsoft Group Policy Objects, which can easily be overridden by local administrators.
- Enforce encryption and transfer locks. The business world is increasingly moving toward bring-your-own-device setups, which lets employees bring notebooks, tablets, smartphones and storage media that they own. But with this, there is a risk that users will bring in malware. There is even no use in locking down USB ports or WiFi networks anymore, since it will be inevitable that a user will connect his devices. Enforcing a strict encryption level for an organization’s data would therefore be key in keeping data safe and secure.
- Use application whitelists. Apps are quickly becoming the preferred means of accessing data and information for both desktop and mobile users. As such, whitelisting of applications using intelligent tools can encourage the use of these apps, while at the same time minimizing the need to put in effort and resources toward weeding out malicious applications.
Whether you’re running a big organization or a small to medium enterprise, security is key in ensuring your corporate data and systems are safe. User devices are usually the starting point of attacks, and it would be worthwhile for enterprise IT departments or administrators to keep systems secure in order for operations to remain efficient