Prepare to be amazed as your users open suspicious email attachments with the greatest of ease!
91% of successful data breaches start with attackers infecting an endpoint via a phishing attack. — National Counterintelligence and Security Center
End users. As someone in charge of cybersecurity at your company it's your job to keep them safe — even if sometimes it seems like they're hell-bent on making that job impossible.
We may want to believe security is always top of mind for our users, but the truth is they have other goals and priorities. They want to download new tools. They want to share and open attachments. They hold off on installing that new update until they're done with just one more thing...
In short, they have jobs to do. And because they feel the heat to get them done as quickly and easily as possible they often make rash decisions. Who has time to stop and think before you click when you have a mile-long to-do list and deadlines piling up?
Employees trip up and make mistakes. Expecting otherwise isn't realistic. The sooner we all acknowledge that, the sooner we can do two critical things:
- Develop security awareness training that is far more effective.
- Provide users with "safety nets" that prevent those (inevitable) errant clicks from becoming catastrophes.
Good security reduces risk by assuming the worst can and will happen. Here are five ways to plan ahead and take the sting out of a user's mistake:
1) Backup, backup, backup
If worst comes to worst, having reliable backup gives you the option of nuking a machine and restoring it to its happy infection-free state. Of course, relying totally on backup isn't a foolproof option. How much data you'll actually be able to recover can depend on several things, including how often your backups are running.
With the rise of ransomware, having the ability to wipe a machine and restore files is more important than ever, making backup one of the most important security safety nets you can have.
2) Automate patch management
One of the ways attackers deliver malware and gain access to user machines is by using exploit kits designed to take advantage of vulnerabilities in the software users are running. Making sure software is patched and up to date can help keep users safe from drive-by downloads and sites infected with malvertising.
With the number of patches issued by vendors like Microsoft, Adobe, Apple, and others, managing security updates is much more challenging than it used to be. Automating the process as much as possible with tools like Windows Server Update Services, PDQ Deploy, and Comodo One can help.
3) Restrict user access and permissions
In the majority of cases, leaving users with local admin rights is more of a liability than anything else. That's because while the majority of users will never actively take advantage of them, if their machine gets compromised attackers most certainly will.
Limiting user access to only what they actually need can mean the difference between an isolated incident and a crisis that spins out of control.
4) Block certain file types
IT professionals have been trying to persuade employees not to open email attachments for years and years. The problem is, not only does that advice have a hard time sinking in, cyber criminals have also gotten much better at creating phishing emails that appear to be legit.
It's important to stick with training to help employees learn how to spot the tell-tale signs of phishing emails, but blocking certain file types (such as .exe and .zip files) can provide some additional insurance. Attackers can infect more common file types like Word docs with malware, too, so you may also want to consider blocking macros.
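To make the file-type and macro blocking above concrete, here is an added example (not from the original article or any vendor's product) of the check a mail filter could run on each message. The function names, the sample message, and the extra check for executable content hiding behind another extension are assumptions made for illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXTENSIONS = {".exe", ".zip"}  # the two file types the article names

def has_vba_macros(data: bytes) -> bool:
    """True if an OOXML file (.docx/.docm/.xlsm, a ZIP container) holds a VBA project."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())

def review_message(raw: bytes) -> list:
    """Return (filename, reason) for every attachment the policy would block."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        ext = os.path.splitext(name)[1].lower()
        if ext in BLOCKED_EXTENSIONS:
            findings.append((name, "blocked extension " + ext))
        elif data[:2] == b"MZ":  # Windows executable header under another name
            findings.append((name, "executable content, misleading extension"))
        elif has_vba_macros(data):  # legacy binary .doc/.xls is not covered here
            findings.append((name, "Office document with VBA macros"))
    return findings

def build_sample() -> bytes:
    """Constructed message for the demo; every attachment is a harmless stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "Invoice"
    msg.set_content("See attached.")
    samples = [("setup.exe", b"MZ stub"), ("photo.jpg", b"MZ stub"),
               ("report.docm", buf.getvalue()), ("notes.txt", b"hello")]
    for name, data in samples:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in review_message(build_sample()):
        print(f"BLOCK {name}: {reason}")
```

The plain-text attachment passes, while the other three are flagged for three different reasons, which is why an extension list alone is only part of the safety net.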
5) Install endpoint protection to compensate for antivirus blindspots
Advances in endpoint security software can help you pick up protecting users where antivirus leaves off. The majority of today's malware is able to slip by antivirus technology, but by using behavioral analysis, new endpoint solutions like Barkly's are able to spot advanced and even never-seen-before malware and stop it in its tracks.
With endpoint protection installed, a user can mistakenly download and execute an infected email attachment but the malware will be stopped before it has a chance to do any harm.
The primary focus of any good security program should be on prevention — preventing users from getting infected in the first place, and preventing additional fallout and damage if and when they make mistakes.
Don't pay for user mistakes — prepare for them!
Image courtesy of the Boston Public Library