Five top tips for end user security

Please note: This post was written by Highlander prior to their rebrand to FluidOne Business IT - Sheffield.

The task of securing the modern network is a continuing challenge for IT teams, especially as users increasingly look to work remotely using a multitude of mobile devices. But much as empowering your users to work the way they like and from wherever they like delivers so much reward, this inevitably exposes a greater level of business risk. The harsh reality is that no matter how secure your network, user action (either intentional or unintentional) is often the most likely cause of security breach.

There are many examples of users inadvertently bringing Ransomware and other viruses into their business, one simple mistake with the potential to lock out an entire IT estate. As such, it’s vital that your users are fully aware of the risks of working remotely, and how best to avoid them in the future.

That’s why I’ve put together my five top tips to help keep your end users secure:

Email is one of the main infection points, with many potentially harmful cyber security threats designed to infiltrate a network via this route. Viruses can be hidden behind malicious links or email attachments, and the email accounts of senior colleagues impersonated to trick finance teams into making payments to third-parties.

These breaches are not only disruptive, but financially devastating for a business, so ensuring you and your users are appropriately educated to identify and respond to suspicious or fraudulent emails is vital. Checking the email domain is always a good place to start and asking the supposed sender via another route if possible is also advisable. If you’re still in doubt, it’s best to contact a member of your IT team before you do anything else.

Building a strong social media presence is important for any organisation, and engaging with your audience plays a major role within any social strategy. But this potential avenue has not gone unnoticed by hackers, who are now targeting businesses via their social media accounts, creating fake social media profiles to phish for business information which could potentially be used to gain access.

As such, it’s wise to be cautious regarding the company details you share on social media and to avoid giving out any more information than is required to anyone you interact with.

This one might seem obvious but missing just one of the regular updates for your operating system or anti-virus software could leave your device exposed to emerging cyber security threats.

We generally find that the majority of our customers are very good at staying on top of this, but it’s important to remain diligent and to act on any desktop or genuine email alerts you may receive, either by performing the update yourself or informing a member of your IT team to do it for you.

Even though the data held within your network might be protected, you may not have considered the data sitting on any physical media like laptop hard-drives and USB keys. These devices are attractive targets for theft and in some instances easily misplaced when you’re working on the move. In the wrong hands, criminals can potentially use the data to infiltrate your network or profile your business to sell information to others. Thankfully, data encryption can help to keep data safe.

If you or any members of your team are travelling or regularly working away from the office, it would be wise to ask your IT team to encrypt any physical media to ensure data is rendered unusable should the unthinkable occur.

We all connect regularly to public hotspots, but have you ever stopped to consider whether this wi-fi access is genuine? False hotspots are often planted in public locations with the hope of catching out unsuspecting users to gain access to the data held on their devices. Some networks can even monitor every mouse click or key stroke, allowing hackers to crack passwords and access protected or confidential files and accounts.

The best way to avoid being caught out is to simply avoid using public hotspots whenever possible. Use an internet dongle or connect to your own mobile phone as a personal hotspot. And if you do need to access a public network, make sure you check whether it’s genuine first. Ask a member of staff if they provide a hotspot and check the details with them before you connect.

The good news is that you don’t have to tackle these challenges on your own. You can always call on us to help with any aspect of your cyber security, whether that be anti-virus software, network security or device encryption. Our own expertise combined with that of our extensive portfolio of industry-leading partners ensures we deliver the latest security solutions to our customers. To learn more or to discuss your requirements, get in touch with a member of the team.