To have a fighting chance against the IT security threats of today’s workplace employees need to be informed and pro-active when using the internet. Having company firewalls and antivirus in place doesn’t mean you can rest easy; viruses, spyware and malware are evolving so quickly that it’s inevitable something will slip through. We have compiled the following tips to help employees minimise the risk of infection and attack.
1. Don’t click on email links or attachments without attempting to verify their source.
You’re told not to – but you still do it! Many users forget to be wary of links and attachments within email mes
sages, regardless of the source. Simply clicking on an email link or attachment can, within minutes, corrupt your machine, infect other machines and destroy critical data.
A sophisticated exploit can take on the guise of a normal document, similar to what happened to EMC back in 2011. A hacker sent emails to EMC employees that included an attachment called ‘2011 Recruitment Plan.’ Seems harmless enough right? And curiosity might get the better of you. It did for one employee who opened the attachment, enabling an IT security breach and allowing the hacker to gain access to sensitive company data.
Antivirus should auto scan for viruses, but as new strains of these viruses emerge every minute some can get through the barriers. No antivirus package can provide 100% protection at all times – when a new virus is discovered the antivirus provider will quickly try to create and deploy a fix but it won’t be immediate – meaning there are times when a virus can intercept your network. This is why it is so important that the antivirus on your machine is kept up to date.
Use common sense – read unknown or suspicious emails carefully and don’t click on them. Ask your IT team if you are unsure about an email you have received – they will be able to tell pretty quickly if it’s a threat.
2. Disable auto-run when connecting external devices to your machine.
Many viruses work by attaching themselves to a device, auto-installing themselves on any media connected to a system. As a result, connecting any network drives, external hard disks, or even USB keys can result in the automatic propagation of such threats. You can disable auto-run yourself and instructions for doing so on the Windows OS can be accessed here.
The moral of the story – be careful about using personal USB sticks and external hard drives in the workplace. You might think nothing of plugging one into your computer but you are essentially brining a personal device into a corporate network that will not have been subject to the same protection as devices housed within the office network. Trust us – you don’t want to be ‘that guy’ who brings the office network down, or worse, loses their job over it.
3. Disable image previews in your Outlook email messages.
It is recommended that you disable image previews when you receive an email in your Outlook inbox. Hackers can use code hidden in the graphics which is used to enable the execution of a virus which can result in infection.
By default, newer versions of Outlook do not auto display images. If you need to disable image previews in Outlook you can do this easily yourself in less than a minute: Click on ‘File – Options – Trust Center’ and click on ‘Trust Center Settings’ and tick the box that says ‘Don’t download pictures automatically in HTML e-mail messages or RSS items.’
4. Surf and download more safely.
Download programs only from websites you can trust. If you’re not sure about what you are about to download – type the name into Google to see if anyone has reported that it contains spyware. Be mindful of files that end in the extensions .exe or .scr. These file types are commonly used to hide malware.
5. Be careful when visiting social media sites.
It’s easy to let your guard down when browsing Facebook, Twitter or LinkedIn. But don’t assume that all links on these sites are trustworthy. Twitter users have been regularly caught out by clicking links in tweets which they thought were safe. Facebook has also been hit with security issues. We advise you not to click on any of the Facebook ads you see unless you are 100% sure it’s safe. And trust us – the ad that says you have won the holiday of your dreams is just that – a dream!
The risks are real.
These IT security risks are real – if a hacker breaks into corporate network there is a real chance it could bring down the entire organisation. These steps may seem simplistic but the importance of implementing them cannot be taken lightly. Always be wary of unexpected emails, links, website popups and treat anything you weren’t expecting with caution. Your IT team will always be there to help – but they would prefer to be working to keep your business safe rather than trying to rescue it from an IT disaster.