Tag Archives: fighting malware

5 Ways to Prevent Malware From Sneaking Onto Your Business Network

Prevent Malware - computer security concept

Malware is ever changing and always finding new ways into your device

The single biggest challenge of business cybersecurity is the fact that malware is built to be sneaky. It would be one thing if a hacker attack always triggered alarms and your IT team could fight them off like a castle siege. Or if you could always know what kind of malware would attack and prepare to defend against it. But that’s not how hackers and their automated malicious software work.

Instead, it is their goal to find gaps in your security, slip onto the system, and lurk until there is a way to do damage or otherwise exploit your company. Whether it is spyware, spamware, or ransomware, these malicious programs find ways to sneak into your business network in a wide variety of underhanded and unseen ways. Many businesses today are currently infected and have no idea that their data is being gathered, their IP address is being used for spam, or there is a ransomware attack waiting to strike.

We’ve put together five simple ways that your company can use to prevent malware from sneaking onto your business network in the first place. While hackers are always looking for a new angle, a comprehensive defense can significantly reduce your chances of getting a dangerous malware infection.

1) Fine-Tune Your Firewall

The first step is to make sure that your existing cybersecurity measures are not only strong, but detailed. A firewall is only as effective as it’s settings, and most default firewall settings are not sufficient to block cleverly designed malware. Open ports and generalized policies leave security gaps that malware, disguised as normal business network activity, can slip through.

Masking malware invasions is the primary way that hackers sneak through a firewall. The programs look and act like something firewall default settings will allow and then download themselves right onto your network. Work with your IT team and managed service provider to fine-tune your firewall so that only very specific work activity with key identifiers can make it through.

2) Employee Cybersecurity Training

Human error is actually the leading cause of business malware infections because employees must interact with outside sources like websites, downloads, and client communications in order to do their jobs. This is why hackers have long-since targeted employees with tactics like infected websites and phishing emails.

Your team can be trained to recognize dangerous websites, suspicious “client” interactions, potentially infected downloads, and phishing email attempts so that these are no longer an avenue for business malware infection.

3) Regular Virus Detection Scanning

It’s also safe to assume that at some point, malware will find it’s way onto your network. In fact, there might be some lurking right now from a time before you increased your cybersecurity procedures. This is why virus scanning is so important for both individual workstations and the network as a whole.

There are a variety of virus scanning solutions. There are programs that scan email attachments, computer hard drives, database servers, and complex networks. Make sure to perform comprehensive scans regularly to ensure that particularly sneaky malware does not stay for long.

4) Audit Employee Mobile Devices

Another dangerous avenue for malware infection are employee phones, tablets, and laptops. The more personal a device, the more likely it is that an employee has used it without a business-level of cybersecurity caution while at home or on vacation. The problem is that when these devices come into the workplace and connect to your office wifi, they might be bringing malware riders along with them.

It’s best to make a company policy that requires monthly virus scans of employee mobile devices, particularly if these devices are provided by the company. If employees are uncomfortable with having their personal devices checked for malware, ask them to refrain from connecting to the central company network with unsecured devices.

5) Work-Only USB Drives

Finally, watch out for USB drives. These incredibly useful little devices are great for transferring data from one computer and location to the next, but they can also be carrying infectious malware programs without the knowledge of the user. Once again, this is an especially serious risk when employees are using USBs they have brought from home.

If your workplace uses or permits the use of USB drives for file storage and transfer, make sure the drives are scanned and fully wiped regularly and consider limiting employees to only using work-provided USBs (that you can regularly secure) for plugging into work computers.

Malware is designed to be slippery, to hide on infected devices and to spread to new devices and networks when possible. Protect your business network from sneaky malware infection by covering all your bases, scanning for viruses regularly, and limiting employee’s ability to accidentally bring viruses to work from less careful personal online activities.

For more expert cybersecurity advice, a consultation on the health of your network, or a new MSP partnership for your business, contact us today!

Fighting Malware and Other Cyber Disasters: Consider a Risk Management Approach

20160407

A risk management plan can help protect your company from malware and other cyber security disasters.

Determining the nature and extent of cyber security risks is a critical challenge companies face. Working within budgetary constraints, companies need to draw up and implement a comprehensive plan for cyber security that encompasses all business operations and keeps various risks at an acceptable level.

When so much of what a company does depends on computing devices, there are numerous points of vulnerability that cyber criminals can exploit. Companies need to understand the kinds of risks they face, the likelihood of different IT disasters, and the best ways to manage each type of risk.

A recent article from Business Insurance discusses how good risk management provides companies with important insights about cyber security risks and recommendations for steps to take. Knowing how to manage your cyber security risks is integral to better protecting your company from malware and other cyber crimes and IT disasters.

How should you go about managing your company’s cyber security risks? The following are several key tips.

1) Rely on meaningful data

As much as possible, you should quantify the risks your company faces and the likely effects of your solutions. Quantifying risks helps you prioritize the vulnerabilities that need the most attention and resources. You can also determine whether or not a particular solution has worked as you anticipated, and whether your solutions are cost-effective. Without supporting data, you’re less likely to have a clear picture of your company’s cyber security performance.

2) Choose your metrics carefully

How do you intend to measure different kinds of risk? What’s an acceptable level of risk to work with? Unfortunately, there aren’t always industry standards or other widely agreed-upon best practices to help you determine the answers. To start with, you can consult with IT security professionals and well-informed business leaders to get a better sense of how to best measure and manage risk.

3) Make sure you’re comprehensive

Risk management should encompass all aspects of your company and its operations. Every business operation exposes you to cyber security risks. HR personnel work with software and files containing employees’ payroll data. Employees in sales and marketing handle sensitive customer information. Your accounting personnel process critical financial information. Understand the vulnerabilities in every type of hardware and software you use and in the IT set-up your business relies on.

4) Stay realistic

There’s no way you can avoid all risks or bring the chances of an IT disaster down to nothing. Sometimes, you’ll have to accept a risk, because the benefits are greater. You may not always have the means to significantly reduce a particular risk. Other times, you’ll need to do everything you can to bring the level of risk down as much possible, because failing to do so will severely undermine your company. A strong risk management approach helps you make the best possible decisions within the constraints affecting you.

5) Make it a group effort

Risk management is based on collaboration among IT personnel and company leaders. This collaboration ensures that your company’s decision makers are all on the same page when it comes to prioritizing cyber security, understanding the risks, and keeping the risks at acceptable, manageable levels. Ultimately, every IT security decision you make needs to serve your company’s goals and further its growth. Your IT personnel can’t work in isolation, without an understanding of your company’s needs and objectives.

To protect your company, you need to manage risks effectively. You can’t rely on one-size-fits-all cyber security solutions. You also can’t protect your business if your IT security decisions lack coherence and direction and remain disconnected from your company’s goals. Don’t hesitate to contact us for further advice and assistance. We can help you assess your risks and come up with solutions for managing them in a way that best protects your company from IT disasters.