Top 5 Tips for Protecting Staff Computers

The world is increasingly going mobile, and mobile devices like smartphones and tablets are set to overtake desktop and notebook computers in terms of Internet access by the middle of the decade. Even notebooks are increasingly becoming more and more mobile, with the advent of the Intel Ultrabooks and even smaller netbooks. As such, enterprises are finding themselves increasingly concerned about the security of employee devices.

Employees are now free to bring their own devices at work, and work devices are likewise being brought home. Some staff would be allowed to work on a telecommute basis, thereby resulting in cost savings from transportation and office facilities.

The inherent danger here is security, which can include theft of devices or the data within. This can also include viruses and other malware being brought into the corporate network using the employee devices as carriers.

Here are five tips businesses for protecting staff computers and corporate networks from potential attackers.

  1. Use an antivirus software or platform. This might sound like a cliché, but antivirus software is an essential part of any IT department’s security platform. Antivirus software should be your first line of defense against malware that may run on computers. These could be transmitted through email, USB flash drives, or smartphones connected to the network. The trick here is to find a balance between security and performance, so that the antivirus software does not degrade a computer’s speed, or take up too much of the computer’s – and network’s – resources.
  2. Implement regular updates. There’s a reason that major operating systems implement weekly updates. This is meant to patch security vulnerabilities and improve system performance. IT departments should be able to manage their staff computers’ patches, such that every computer system is up-to-date. This is usually handled automatically by the desktop operating system, although IT departments can download the patch and propagate these through the individual computers either via remote control or manually. Patching should include both operating system patches and vulnerabilities, and those of individual applications and services that require updates.
  3. Enforce secure privileges. IT departments should make it a point to limit administrator access from a user’s end, in order to prevent installation of unwanted software, whether with the knowledge of a user or inadvertently. This can help minimize infections from malware inserted through USB flash media, discs or the network. IT administrators should likewise make it a point not to rely too much on group policy settings like Microsoft Group Policy Objects, which can easily be overridden by local administrators.
  4. Enforce encryption and transfer locks. The business world is increasingly moving toward bring-your-own-device setups, which lets employees bring notebooks, tablets, smartphones and storage media that they own. But with this, there is a risk that users will bring in malware. There is even no use in locking down USB ports or WiFi networks anymore, since it will be inevitable that a user will connect his devices. Enforcing a strict encryption level for an organization’s data would therefore be key in keeping data safe and secure.
  5. Use application whitelists. Apps are quickly becoming the preferred means of accessing data and information for both desktop and mobile users. As such, whitelisting of applications using intelligent tools can encourage the use of these apps, while at the same time minimizing the need to put in effort and resources toward weeding out malicious applications.

Whether you’re running a big organization or a small to medium enterprise, security is key in ensuring your corporate data and systems are safe. User devices are usually the starting point of attacks, and it would be worthwhile for enterprise IT departments or administrators to keep systems secure in order for operations to remain efficient

SME Network Security Checklist for Dummies

The network is an integral part of any organization today. Whether you’re running a small to medium enterprise (SME) or a big organization with several departments, there will be a need to interconnect computers and devices within the corporate intranet. Not all networks are built the same, though, and some will have more complicated security measures than others. Regardless of the setup and the size of the deployment, here are a few security items to keep in mind.

  1. Antivirus deployment. Does the network have antivirus software deployed at server and workstation level? Are these a uniform and updated installation, or does each user have his own brand and version of antivirus software. Worse, do the users have evaluation copies, or does the organization have a legitimate copy that offers regular updates?
  2. Wireless encryption. The WiFi network has become ubiquitous in today’s workplace. Devices of all kinds can connect: notebook computers, tablets, smartphones and even feature phones. As such, there is a need to implement encryption in the organization’s network to prevent data breaches and unauthorized use of network resources. This should mean the use of secure protocols like WPA2 encryption, and not obsolete and easy-to-crack standards like WEP.
  3. Web browser use. Some businesses will still be using outdated operating systems with archaic browsers. Check to see if user workstations still run Internet Explorer 6.0, which is riddled with security holes. Some organizations will stick to IE6 due to compatibility with enterprise applications and software, but this should not be an excuse to upgrade. Businesses should invest in using newer web technologies in building websites and intranet systems.
  4. Patching. Different software and service providers each have their own patching schedules. Microsoft patches devices remotely every Tuesday. Adobe offers updates on a quarterly basis. Organizations should make sure their devices are set to automatically download and install patches for maximum protection against security vulnerabilities. This is especially important for critical patches that can prevent malware and other attacks that propagate online.
  5. Training schedule. Staff and employees should be aware of security policies and procedures. An organization’s security policy is only as good as its weakest link, which are people. Individual users are prone to social engineering attacks and other mistakes that can lead the network to be compromised.
  6. Mobile data encryption and protection. The prevalence of mobile devices has necessitated means to encrypt and protect data stored on these devices like smartphones and tablets. It’s easy to lose a device like a smartphone or tablet, and so organizations should ensure the mobile devices that employees use are protected.
  7. Backup and recovery. Organizations should have a well-documented procedure for backing up and recovering data. This should include the use of viable backup media that include fail-safe mechanisms against loss or destruction.

This simple list should be taken by IT department managers, CIOs, and IT personnel as a starting point for better managing the corporate network. Having a definite security and compliance checklist can help minimize loss of data and productivity in the workplace.

Personal iPads, iPhones, and mobile devices slowing down SME Networks

Bring your own device – or BYOD – policies are increasingly becoming popular among enterprises, big and small alike. For small and medium enterprises, BYOD often results in cost savings, because employees get to bring their own devices and use these in the workplace setting. Companies sometimes shoulder the cost, but most of the time, employees pitch in with their own share.

However, even with cost savings and increased productivity arising from employee-owned devices, there is also a cost. A recent survey conducted by Brocade has determined that the growing number of employee devices connecting to the office network environment puts a strain on companies’ systems and local area networks.

Official policy?

While BYOD is increasingly gaining acceptance in the workplace, not all companies and organizations have BYOD policies. Even so, 40% of employees were found to bring their mobile devices to access company resources like the WiFi or local area network.

Additionally, the recent launch of the third-generation “new” iPad is found to make a big impact on office networks. 30% of IT executives and decision makers say they expect the release of new tablets like the new iPad to significantly add to their existing network load.

Increased investments

Given increasing demands, more and more enterprise IT departments have improved their networks over the years, in anticipation for increased load. 65% of survey respondents said they started investing in enterprise-grade local area networks since 2009, to address the increased data requirements from smartphones and tablets. 62% of respondents say they have made a significant upgrade, to the extent of replacing their existing networks altogether.

Multiple suppliers

This increased requirement means, though, that organizations are increasingly resorting to a wider array of suppliers and vendors for their networking needs. 60% of survey respondents said they rely on more than one service provider. These multiple suppliers help organizations achieve their goals of faster networks, bigger data capacities, and improved reliability.

Whether or not an organization has an official BYOD policy for devices like smartphones and tablets, enterprises will need to account for a sharp uptake in data and network resource use, with employees bringing their iPads, iPhones, and Android devices to the workplace. As such, there is a need to consider improvements like network upgrades and redundancies, which may contribute to the bottomline. Still, with the productivity gains from these devices, the extra cost should be well worth it for any organization, big or small.

8 Ways to Prevent Mobile Device Loss or Theft

Given the prevalence of mobile devices like laptops, tablets and smartphones in the enterprise market, there is also an increasing trend in these devices getting lost or stolen. If you have experienced having your device lost or stolen at the airport, left in a taxicab, pickpocketed, or even stolen by company employees, then you will need to beef up your security, to prevent loss of devices, and – more importantly – the information stored within.

What’s more unnerving for IT departments and company executives is that the cost of the stolen equipment is minimal compared with the potential damages from other parties accessing data from within. Stolen computers and devices can include proprietary information such as sales reports, contact lists, source code, financial records, and the like. This data can cause damage if it goes to the wrong hands, such as a competitor or anyone who might want to make a quick buck out of selling proprietary information in the black market.

Here are eight tips that can help any individual or company prevent device theft.

  1. Be alert while in public places. Train stations, airports and even taxicabs are the most common places where you can lose a laptop, tablet or mobile phone. Keep your devices hidden when in public areas. When carrying these in a bag, keep the bag on hand at all times, and watch out for potential pickpockets.
  2. Customize your carrying cases. Frequent travellers know the value of buying a custom suitcase, which will stand out in the crowd. Get yourself a colourful or customized carry case for your notebook computer or tablet. This way, it will be easy to spot if someone grabs the bag and makes a run for it. Generic black bags are easy to lose in the crowd.
  3. Keep data in the cloud. This will decrease the likelihood of information being stolen along with a computer, tablet or smartphone. Keeping information remotely will make it easy to wipe, move or lock down the data in case a device is lost. Likewise, cloud storage makes it easy to retrieve data, so that you will only need to worry about the lost device itself, and not losing the information stored within.
  4. Encrypt Information and Data. Losing your tablet, laptop or smartphone is one thing. Losing the data within is another. With the increasing popularity of cloud computing, most mobile devices can access content remotely, and it will be helpful to secure one’s device, to limit the data that a potential corporate spy can access.
  5. Use strong passwords. Weak passwords can easily be cracked, and will defeat the purpose of using encryption in the first place. Use strong passwords that include a mix of letters, numbers and symbols, as well as different cases. Don’t write down your password where it can easily be accessed.
  6. Be discreet when you use your device in public places. Someone might be peeking over your shoulder. Use a screen guard on your laptop, to limit the angle of screen viewing, for instance.
  7. Watch out for social engineering attacks. Employees might be ignorant about answering hoax emails or online promotions. Viruses, malware and phishing attacks (that try to get contact and personal information) can be used to steal company data and information. Educate your employees on how to keep safe and secure in an online environment.
  8. Install remote security software. Most modern devices today come shipped with remote wipe software, such as Apple’s iPhone and iPad, and some Android phones. This will let the IT department wipe out the entire contents of the device remotely in the event that it is stolen. This way, you only have to worry about the cost of the device, and not the data that comes with it.

According to the FBI, there is only a 3% recovery rate for stolen laptops. The rest is never recovered. As such, there is a need to protect company assets from malicious individuals – both from outside, and even from within the company. With these security measures, you can avoid being one of the 97% that experience device losses. But even if you become part of this statistic, keeping your data secure is more important.