By Fred Mitchell, Security Business Unit Manager at Drive Control Corporation (DCC)
Today most company employees use multiple devices to access business-critical information within and outside of the organisation. Computers, laptops, tablets and smartphones have truly revolutionised the way we work. While this has sped up the pace of business, many small to medium enterprises (SMEs) often don’t understand the security threats associated with embracing the wide variety of access ‘end points’.
Online crime syndicates have a vast amount of experience and research their targets very carefully through information that is publicly available, as well as through social engineering strategies. Smaller companies often think that because of their size and scope their organisation will never be targeted. However, it is often the unsuspecting employee that unknowingly paves the way for a security compromise from within the organisation.
The problem is compounded by the fact that companies now have multiple copies of data residing on various computing devices within and outside the company walls. The same file can exist multiple times on a network, and while the information may be secure on the company server, it could have been negligently copied elsewhere to an unprotected device, which could lead to an information breach.
Organisations can therefore no longer rely solely on traditional firewall, antivirus and antispyware solutions as a security strategy for their enterprise information. Companies need to take a holistic approach to enterprise security that effectively protects their organisation from threats at all levels, across the servers, laptops, desktops, mobile devices and storage devices that can have access to information on the network.
This requires multiple, overlapping, and mutually supportive “policy-based” defensive systems to guard against single-point failures in any specific technology or protection methodology. The problem that many companies face is that deploying these security products individually on each device is not only time-consuming, but it also increases IT complexity and costs.
Organisations then need to provide management, training, and support for a variety of different endpoint security solutions. Also, differing technologies can often work against one another or impede system performance due to high resource consumption. Organisations now need to take a structured approach to enterprise security, implementing a comprehensive solution that not only protects from threats on all levels, but also provides interoperability, seamless implementation, and centralised management.
The consolidation of one’s security strategy into a single unified security architecture has many benefits. It enables operational efficiencies such as a single communication method and content delivery across all of the users and devices within the organisation. Policy and service configuration can be performed centrally at a single point, on the client or at the management server, which allows only certain information to be accessed by identified employees. Automated security updates to all users on the network provide protection from the latest known and unknown threats.
An important part of any security strategy is that of user education, and often re-education. To mitigate risks within the organisation, individuals themselves can take more security precautions to ensure that their information will not be compromised. When conducting higher-risk Internet activities such as online banking or purchases, consumers should do so only on a company’s computers and not on public computers at Internet cafés or libraries. Furthermore, employees should also avoid following links from emails, as these may be links to spoofed websites. Instead, they should manually type in the URL of the website.
In addition to security measures that can be addressed at server level, companies should also keep their employees notified of the latest phishing attacks and how to avoid falling victim to them. For example, users should never view, open, or execute any email attachment unless the attachment is expected and comes from a known and trusted source, and unless the purpose of the attachment is known. Users should also review their bank, credit card, and credit information frequently as this can provide information on any irregular activities.
Organisations should also educate users to be extremely cautious about visiting unknown or untrusted websites and viewing or following links in unsolicited emails. To limit the propagation of threats through removable drives such as memory sticks, administrators should ensure that all such devices are scanned for viruses when they are connected to a computer. Again, policy and user education should be implemented to prevent users from attaching unauthorised devices to computers within the enterprise.
Companies have to begin to realise that the IT security landscape has changed dramatically. Many sophisticated threats evade traditional security solutions, leaving organisations vulnerable to data theft and manipulation, disruption of business-critical services, and damage to company brand and reputation. Financially motivated attacks that exploit vulnerabilities in endpoint devices on company networks are a reality today and organisations have to continuously revisit their security strategies to remain protected.