In recent years, much attention has been devoted to cyber security. As companies and people become more dependent on the internet, we also become more vulnerable to cyber crime.
Threats are Getting More Creative
While the two most common security threats are websites crafted to steal your personal information and malware (including viruses) that cause harm, recently, a trend of targeted fraud has been emerging.
This type of fraud uses targeted communications with information that has been specifically gathered about a business. In such cases, an employee within a company will receive an email, seemingly coming from an authorized decision maker within the business (ie: CEO, CFO) requesting a money order or transfer. Often, these emails appear to be very legitimate but are, in fact, attempts by criminals looking to steal your corporate dollars. We recommend that all employees who receive emails from decision makers within a business verbally confirm with the decision maker that the request is legitimate. Further, we recommend that all fraudulent acts be reported immediately to police.
Defending Yourself against Cyber crime
Cyber threats are always evolving and always looking to defeat the security in place. This is where strategies involving layered security (also called Defense in Depth) give the best protection. Multiple levels of security are essential in protecting yourself from cyber threats. Examples of security measures you can take, in addition to your fundamental antivirus software and regular Windows updates include:
Attachment filtering can have a significant impact by rejecting threats in the first place. Many of the most dangerous threats come in via email in the form of a .zip file attachment and are not detected until the infection is well spread. Unfortunately, once downloaded, these .zip files cannot be stopped. Thus, they can only be avoided by blocking them out of the environment completely. Once you have enabled attachment filtering, anyone that sends you an email with a .zip attachment will receive an automatic email from you informing them that your company rejects this sort of file. As such, your legitimate senders will know to reach you in another way. The automatic email response will also help to remove your email from any lists that hackers use.
Gateway Antivirus uses your firewall to run a filter on threats coming in and out of your network. It uses a different scanner than the antivirus on your desktop and server, so that it can provide an extra layer of security quickly.
Cloud-delivered network security is a defense layer that increases the safeguard within a business environment. These tools run transparently, similar to an antivirus, but they increase security by watching and preventing access to malicious web links directly (or indirectly through malicious web ads). Once deployed, these services prevent access to hundreds of malware and virus links. They can also be used to curb employees from browsing sites that impact employee productivity or company liability. Strong security is an essential factor in minimizing loss of productivity due to technology issues.
Asking for assistance if you are not sure about a potential threat is always something that Yardstick encourages. Consulting your IT provider about something that just “doesn’t seem right” is key in preventing security threats.
Visit the Government of Canada’s website for tips on how to protect your business.