The internet is fantastic for many reasons including online shopping, business dealings, connecting with clients, friends, and family as well as learning about the world around us. There is no denying, however, that the internet has a dark side where hackers and cyber criminals lurk in wait for an unsuspecting and vulnerable organization or person to prey upon. According to Verizon’s Data Breach Report, 28% of data breaches involve malware. This malicious software (thus the term malware) is intended to disrupt, damage, or gain unauthorized access to a computer system. Let’s explore 5 ways your business can prevent malware attacks from occurring and disrupting the success of your business.
#1 Adhere to the Least-Privilege Model
Also referred to as the Access Control Principle, the Least Privilege Model embraces the concept of limiting users' access rights to only what is strictly required to do their jobs. More specifically, each employee is only granted permission to read, write or execute only the files or resources necessary to do their jobs. In an IT environment, adhering to the principle of least privilege reduces the risk of attackers gaining access to critical systems or sensitive data by compromising a low-level user account, device, or application.If an employee does not need higher level access to files or data, only grant access to that which will allow them to do their job properly.
#2 Keep Software Updated
We have spoken at length about the importance of always installing updates when they are released rather than putting them off. It may be tempting to just wait a day or two to get through your work, but that’s all the time a hacker may need to work around security vulnerabilities that have already been addressed in the most recent software update.
#3 Use Secure Authentication Methods
To keep accounts safe from malware, there are several authentication methods that every business should require. These include the use of strong passwords as well as potentially a password managerAdditionally, many businesses are requiring that their workforce enable multi-factor authentication which utilizes a second layer of security by asking for a PIN or security questions in addition to a password.As an added layer of security, many businesses are even adding biometric authentication including facial recognition, voiceprints, or fingerprint scans.
#4 Install AntiVirus and AntiSpyware
It may seem like a no-brainer but you would be amazed at the number of companies that do not have adequate security installed on computers in the workplace as well as on devices that are being brought into the office. This doesn’t even account for the thousands of Americans who are working remotely! Keeping security tools current and removing any detected malware is a good way to avoid malicious software.
#5 Be Wary Of Attachments and Links
In last week's blog we discussed, “What To Do If You Spot A Suspicious Email.” These emails and text messages can have links and attachments that may secretly contain harmful malware. Avoid this by training your workforce on the signs of these scams and beef up your online security.