Just look around your office. How many devices are connected to your network?
I’m looking around mine and see handfuls. My smart phone is definitely on the list, same with a laptop. But also an iPad, a modem, a smart watch, a desktop computer, a printer. The list can go on and on—especially if you’re one to accumulate technology (or are the recipient of some cool tech from the holidays).
The average user nowadays has about 4 devices connecting to your network at any given time. Where most businesses are solely concerned with keeping a user’s laptop secure, they overlook the other 3 devices that may be continuously connecting to your secured network.
I’d say right now, you have at least 2 devices connected throughout the work day. The one that you’re using to read this post, and then probably a watch, a phone, a laptop, and iPad or some other tablet, or even a television. The fact is there are so many devices connecting to your network on any given day that it’s getting harder for your IT Support team to keep track of (especially if they aren’t even looking for them!).
And since we do most of our important or sensitive work (and fun stuff) online—we bank online, we file taxes online, we communicate with others online, but we also watch TV and movies online—we need our networks to be secured. Connecting devices that aren’t permanent fixtures on your network (i.e., ones that might get used at Starbucks, at home, and may or may not be used exclusively for work materials) leads to an ever changing security demands on your business IT Security.
Today, I’m going to talk about computer security environments and where your vulnerabilities lie.
Here are just a few highlights your IT Support team should be thinking about to keep your network secure:
Phishing Scams
I’ve personally seen in the past week or so a variety of phishing scams trying to pry into personal or business accounts. Microsoft saying that there’s a virus on my computer and urging me to call support (sometimes someone claiming to be Microsoft may attempt to call your phone and ask you to give them access to your computer). This is a scam don’t fall for it! Microsoft would never call your cell phone, or contact you about a virus or hack.
I’ve seen a variety of scams shelling out amazing holiday deals (note: if it sounds too good to be true, it probably is).
I’ve also seen the classic holiday card from the CEO that includes a link to a malicious website. If your CEO doesn’t typically send out holiday greetings, don’t fall victim to a scammer. Always check to see that the sender’s email address looks legitimate (most times, scammers try and spoof addresses, but they aren’t quite right).
Making Security a Regular Thing
With devices coming on and off the network every half hour, security has to be at minimum a daily routine. It’s not just look at what happened the past week. It’s not check once a month or once a quarter that everything is working. Computer security is a dialing learning process.
Hackers are working relentlessly to poke holes through business networks. And the source of those holes may be from bugs in applications, users not understanding what are safe practices, poor password management, data not being encrypted.
There are so many ways for hackers to exploit your business data nowadays that IT Support needs to be daily monitoring and evaluating what is going on under the hood. If your IT team is not continuously learning about computer security, reading about computer security on a daily basis, your business security is likely falling behind the curve (and becoming low hanging fruit for hacks and attacks!).
Making Constant Checkups
Your IT Security experts should be protecting every part of your business—from your bank accounts, your client data and contact information, all the way to your user data, including their social security numbers.
Expect that your IT Security team is checking that your data is backed up, that sensitive data are stored in safe places, that information isn’t walking out the door that shouldn’t be. They should be evaluating how data is accessed, how your network regularly is performing and should be alerted and sounding an alarm when something doesn’t look quite right.
Recognize That IT Security Is NEVER Simple
Challenges in computer security are never simple, there are rarely simple answers or solutions. Your IT Security team needs to not only understand the theoretical side to security (studied up on their IT Security text books), but also acutely understand how to apply theory in practice.
When someone deploys services or systems, there are always going to vulnerabilities. How can your team recognize and design services that reduce your vulnerabilities is what they need to be thinking about day in and day out.
How can your business eliminate big risks on your network? How can your IT Support team weed through everything going on within your network and pick out what the big threats are today and might be tomorrow?
Making Security Practical
As I’ve mentioned before, security has to still be usable. If we restrict users to conform to our way or the highway policies, they’re never going to comply with standards. We, as security experts, are expected to provide solutions that not only keep business security interests top of mind, but also ensure that users can get their work done.
IT Support teams are here to make life easier for users by keeping them safe and keeping them productive. If we implement security policies in a vacuum with no or little understanding of current user practices and behaviors, we’re creating an environment that is fighting against security.
Since I oversee business security, IT infrastructure, and application management for business all over the Philadelphia metro, I am acutely aware that problems occasionally pop up. New scams keep coming (cyber criminals do not take holidays off and are always looking for new ways to break into your network!). Business infrastructure demands change, requiring re-evaluation of current security measures. User demands change, requiring modification to policies to ensure everyone’s safety.
Now for the big question…
Is your IT Support team helping your users get work done safely? Contact Us today for a free third party security assessment.