With the majority of device infections originating from email attachments, and more than half of today’s attacks being missed by antivirus software, companies need to start doing more to protect their data and give their employees additional tools to help in the fight.
With this in mind, here are five tips for keeping your documents and information secure and protected:
1) Teach Best Practice To Every Employee
Anyone with access to a company device or company documents and information needs to understand the dangers of data breaches along with how to spot them and prevent them happening.
On-going teaching of “if you’re aren’t sure, flag it up and DO NOT open any links or download any files”.
Stay diligent even if people say they’ve heard it all before but it only takes one person to cause a data breach or ransomware attack.
Don’t be afraid to run tests that show if people are really fully aware or if there are still people clicking on emails that could be phishing attempts.
2) Implement Hardware And Software Security That Doesn’t Rely On The User
Antivirus software can be very efficient, but without sufficient management and updates, can also become a threat - even more so with hybrid working becoming the norm and so many people working on remote devices, as IT have less access to keep devices updated.
Any hardware or software used to prevent security breaches should be foolproof, and in many ways, it should be hidden from the user until it’s needed so as to stop anyone trying to tamper with it.
Consider this: what if every employee could simply open every link and every file in a new computer so if there is a threat it’s isolated from your main computer?
That’s what HP Sure Click does - every threat is opened in a new virtual machine, so whether it’s a malicious file or not, the user is protected and better still, the whole company is protected.
Here’s a demo of Sure Click in action:
By implementing Sure Click and other hardware and software security measures (that don’t rely on the user in any way), you can rest assured that company data is being protected. Contact Xenith to learn more about Sure Click.
3) Be Proactive About Security (And Assume The Worst Will Happen)
When the inevitable happens and your company has a data breach, stating “We didn’t think it would happen to us” isn’t enough, and a reactive approach can only help to repair the damage.
Start by assuming the worst will happen and at some point, your company could be the victim of a data breach or a bad actor could hold your data to ransom and create a plan of action to prevent this.
Prevention could be in the form of hardware or software security as shown above, or it could be ensuring everyone in the company knows what to look out for when it comes to phishing, malicious files or ransomware.
Another way to be proactive is to ensure company employees notify IT / Security of any files or emails they feel could be related to a data breach attempt - this information allows you to notify others in the company not to interact with the email or file.
Prevention is the best form of proactive security, but having a bulletproof plan of action for when something goes wrong is still key, for example, if you’re made aware of a data breach right now, what’s the first step you take? Who needs to be notified and informed? How do you stop it spreading?
4) Make sure printing devices are protected
Office printers are too often overlooked as a security threat, but with the connected nature of today’s devices, they are effectively another endpoint at which someone can attack.
They’re also at risk from human error as people leave sensitive information on the printer tray. By implementing security measures such as secure print release or being able to track usage and view audit trails for printing, you can keep documents secure.
5) Protect data capture as well as print processes
If someone scans a document, what happens to the data? Are they able to email it on to others? Does it go into a secure repository?
As with printing, data capture can be another point at which bad actors can choose to strike and implementing security and ensuring proper authorisation for different actions to help to keep the information safe and out of the hands of the wrong people!
All of the above actions can help you protect and secure your company’s documents and information but there is always more that can be done.