Are PDFs Safe?
Most of us know office documents can contain malicious code but did you know PDFs, audio files, and pictures can too? In many instances they appear safe, but in the background can drop malicious code on to your computer. We all need to receive files so it is a risk you have to bear however by protecting your network perimeter with a good firewall and your desktop computer with strong antivirus you are building in multi-layered protection to minimise the risk.
Are Tape Backups Adequate?
Full system recovery from tape is a very arduous process. A full recovery means reinstalling the entire system, applications, and configuration. By using disk imaging backup solutions with multiple recovery points you are able to recover from malware quicker and lose less data. We recently had a ransomware attack that started at 16:15 which we identified at 16:38 and restored the data back to 16:00 so only 38 minutes’ work was lost. Most tape and USB backups back up once a night and often don’t have lots of recovery points.
I Am On Cloud Email So Am I Safe?
Email is by far the biggest attack vector through which ransomware is deployed, mainly because the attacker can reach millions of victims within minutes. Even Office 365 is vulnerable and you shouldn’t assume that because you use a cloud email system you are safe. We have had instances where attackers were able to use out of office rules to snoop on emails with trigger words such as “payment” and “bank transfer”. They were then able to force payment to themselves. Office 365 also only has limited malware protection to protect against ransomware and many clients without additional protection have fallen victim to it. Reduce your risk by using an email security product such as Mimecast that can check attachments by opening them in a virtual environment and detecting the malicious code before they are delivered to you.
I Am Worried About Security For My Business. What Do I Do?
There are no guarantees with security solutions and the risks to business vary based on what they do. In order to protect your business you need to understand the areas of risk and there are many.
- Do staff use devices in the workplace you have no control over such as mobile phones?
- Do staff access work email on personal computers?
- Do you allow access to all websites and allow staff to download software from the internet?
- Do you have Wi-Fi connected to the business network that you allow guests to use?
- Do you allow USB devices to be brought into the work place?
- Do you allow access to personal email on work devices which could bypass email security on work email?
Every company has different risks and you need to assess and understand the risks and how you can mitigate them. There is no silver bullet but you can make yourself a more difficult target. Also, remember the threats change constantly so security is something you should constantly review.
Of course, engaging with a security specialist such as Kogo can help you understand the risks and potential solutions to protect your business.