Security Top Tips – How to spot malware
22nd May 2020
The devices we use in our leisure time aren’t always as practical as those we use in the workplace. Those who are accustomed to using keyboards and multiple screens in the workplace, for example, may struggle to work as swiftly and efficiently on a laptop or touchscreen device. To ensure working remotely is successful, companies may need adapt their processes and adopt new technology to support device integration.
The Security of any device used to facilitate business, needs to be considered – are you happy for company data and documents to be accessed from personal devices? And if so, what steps are you taking to ensure that those devices are adequately protected using up to date anti-malware and firewalls.
Where possible, we would recommend that customers provide staff with company-owned devices to access company data.
All corporate devices should have high quality anti-malware and antivirus software installed. However, with an increase in phishing attacks, targeting those interested or concerned about the coronavirus, you should implement further methods of protection, and the following should be a consideration:
Boundary firewalls and internet gateways. Check the configuration and use of appropriate firewalls and gateways to protect devices by monitoring traffic and blocking potentially harmful traffic.
Secure settings and configuration. Use the most secure settings for devices and software, such as strong passwords and multi factor authentication.
Access control. It is an unfortunate fact that human error is a major contributor to security breaches and so long as systems have users, there will be security risks. Whilst human error cannot be mitigated entirely, controlling access to company data through user accounts offering different levels of access to software and data does limit the impact of breaches.
Protection from viruses and malware. Use appropriate and strong malware protection, such as Defender for Windows.
Patch management. Organisations that are running older versions of software aren’t benefiting from the most up-do-date security protection, which means that they may be vulnerable to security risks for which patches are already available.
Employee Awareness. Phishing e-mails are one of the most effective ways for cyber criminals to gain access to your personal information, both in the workplace and at home, and they are currently using the Coronavirus to their advantage. All a user needs to do is open the e-mail, input credentials or click a link, and a malware attack is launched. So we advise you run a fake email test internally to measure how many people fall victim.
Following this, you should advise your team to look out for the following suspect traits:
These e-mails will be looking to achieve two things, either gain your credentials, or install software to steal your data. Both are extremely harmful, so you need to be vigilant during this time.
Ensuring you have the right programmes and systems accessible to your employees is imperative, and cloud based solutions are best placed to support those who need to work remotely. As A Microsoft Partner, we know Microsoft 365 is best placed to achieve this, and it includes a plethora of applications outside of the basics, like Word and Excel. We think the essentials for business are:
Microsoft Teams: This application allows employees to connect regardless of where they are, it’s a cloud based messaging service that supports group chats, calls and web conferencing, and it’s not just available on desktop, it can be used to facilitate calls on your mobile too. In order to ensure your business continues to run, communication will be key and a solution like Teams will be crucial.
SharePoint Online: As a basic concept it’s an intranet for staff collaboration and file storage. Using this application will allow your team to upload and access the latest company documents, all in one area. Our customers already using SharePoint with company owned laptops have found themselves able to work from home – or anywhere else – just as effectively as when they are in the office
Intune Device Manager: If using personal devices is required, this app allows you to protect business confidential data, while granting employees permission on the devices and apps they choose. Although it’s not a programme your employees be using directly, Intune will give you peace of mind if any equipment goes missing; with this app you can track, monitor and wipe company data from personal devices remotely if required – leaving the user’s personal data and settings intact.
OneNote: This platform enables remote workers to stay organised, share meeting notes and agendas, and collaborate with other team members. It’s also updated in real time, so great if other colleagues need to check for working updates.
Microsoft Planner: This application facilitates group working, and allows users to assign and organise work. In essence, tasks are streamlined, assigned deadlines and allocated users. This one will be great to keep track of projects, individual workloads and how much is being achieved.
Can your employees’ wireless network and internet connection cope with the additional demands of extra devices running numerous complex applications? Expectations around speed and reliability, plus extra bandwidth required from mobile devices, means their current wireless network and / or Internet connection may struggle to deliver the performance they need. In this case, it’s sensible to also have a backup solution. It’s common to now have unlimited data on mobiles plans, so it’s worth noting these can be used to hotspot additional devices.
Once employees are equipped with the right devices, request they run a speed test to check the quality of their connection is sufficient. We recommend you do this via Speedtest.