rwt-as logo
Story image

Three ways businesses and employees can stay smart online

13 Oct 2017

People are the potential weak links in the fight against cybercrime, but with effort businesses and employees can work together to protect themselves and their organisations, according to Palo Alto Networks.

According to the company, it takes just one unwary employee to share their password or plug in an unauthorised device to put a company at risk - and compromise their entire network. As such, it is crucial for businesses and employees alike to stay smart online.

“Employees don’t usually want to harm the business they work for but it’s human nature to make mistakes, or to misunderstand the level of risk. Businesses need to educate employees and ensure they’re taking simple steps to stay smart online,” comments Palo Alto Networks regional vice president A/NZ, Ian Raper.

Here are three key areas in which risk can be introduced to an organisation:

1. Employees working from home or remotely

In many cases an employee’s home network is nowhere near as secure as the corporate network, creating a vulnerability that hackers can exploit. This can be particularly lucrative if the employee accesses sensitive or commercially-valuable information from home. So businesses must:

  • protect remote devices by implementing security software and installing the latest versions of applications and security patches immediately. Mobile devices should be remotely wipeable in case they fall into the wrong hands
  • require employees to use strong passwords and two-factor authentication
  • prohibit employees from storing information on their personal desktop
  • use a virtual private network (VPN) to protect traffic and prevent tampering with data.

2. Credential theft and phishing

Hackers still steal people’s passwords and credentials because it remains one of the fastest and most effective ways to gain access to networks. There are three key components to blocking phishing attacks:

  • educating employees so they understand what a phishing attack looks like and what to do if they suspect they are being targeted
  • creating processes that reduce the chances of employee errors resulting in credential-based attacks. This can include measures such as flagging phishing attempts, resetting passwords, automatically blocking suspect sites and emails, and understanding how sensitive resources can be protected
  • implementing technology such as threat intelligence tools to identify and prevent employees from visiting phishing sites.

3. Human error

People will always be the weakest link in the cybersecurity chain but it is possible to reduce the amount of error. This includes:

  • incorporating security awareness into the organisational culture through relevant, frequent training (perhaps using gamification to increase engagement)
  • moving beyond a compliance-driven approach and showing employees how to protect their personal data, which can then extend to protecting the organisation
  • limiting the number of employees with administrative access, which shrinks the risk footprint.

“Too many businesses still focus on threat detection and mitigation when they should be focusing on prevention. By strengthening their employees’ awareness of and commitment to cybersecurity, businesses can dramatically reduce the chances of a breach occurring at all,” Raper concludes.

Story image
Artificial intelligence key to NZ's economic future - report
"During this time, the value of human-machine collaboration has never been clearer."More
Story image
Gartner: Security leaders must balance risk, trust and opportunity
Security and risk leaders must focus on balancing risk, trust and opportunity to help maintain the ability of their organisations to function.More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
APAC 5G digital factory market to reach US$60 billion by 2030
"5G will bring many use cases into play for APAC, which is extremely beneficial to the economy and technological progression."More
Story image
Blue Prism extends human-to-digital worker collaboration with new Interact capability
Blue Prism Interact is a human-to-digital worker collaboration capability that enables employees to team up with digital workers to initiate, instruct, verify, receive, and authorise a variety of business processes through the digital workforce.More
Story image
Fiverr launches platform to bring freelancers closer to business
Fiverr says it wanted to create an integration that could fit into an organisation’s workflow and become ‘part of the digital onboarding experience’ for employees, meaning freelancers can access email, Slack, Dropbox, and the Fiverr Business team account.More