One of the most common ways a system’s security is breached is through downloaded malware. In almost every case where malware is installed, the user was tricked into downloading it.
A common trick used by hackers is planting malware in software hosted on warez and torrent websites. When users visit the site, they are informed that they need to download the software in order for the site to load properly. Once downloaded, the malware infects the system. In other cases, hackers send emails with a malware-infected attachment.
There are an abundance of ways you can be tricked into downloading and installing malware. Luckily, there are steps you can take to avoid this:
Many users are logged into their computers as admins. Being an administrator allows you to change all settings, install programs and manage other accounts.
If a hacker manages to access your computer with you as the admin, they will have full access to your computer. This means they could install other malicious software, change settings, or even completely hijack the machine. The biggest worry about this, however, is if a hacker gets access to a computer used to manage the overall network. Should this happen, they could gain control of the entire network and do as they please.
To avoid this, limit the administrator role only to users who need to install applications or change settings on the computer. Beyond this, installing security software like antivirus scanners and keeping them up to date, as well as conducting regular scans, will help reduce the chances of being infected, or seeing infections spread.
These days, it seems like almost every security threat is trying to infect your IT infrastructure from the outside. However, there are many times when malware is introduced into systems, or data is stolen, because someone has physically accessed your systems.
Let’s say you leave your computer unlocked when you go for lunch and someone walks up to it, plugs in a malware-infected USB drive, and physically infects your system. They could also access your system and manually reset the password, thereby locking you out and giving them access.
Secure yourself by setting up a password to control access to your computer. You should also lock, turn off, or log off from your computer whenever you step away from it.
Beyond that, disable drives like CD/DVD and connections like USB if you don’t use them. This will limit the chances of anyone using these removable media to infect your computer.
We’ve seen a number of infections and security breaches that were carried out by a disgruntled employee. They could delete essential data, or remove it from the system completely. Some have even gone so far as to introduce highly destructive malware. The most effective way to prevent this, aside from ensuring your employees are happy, is to limit access to systems.
Your employees don’t need access to everything, so re-examine what your employees have access to and make the necessary adjustments. For example, you may find that people in marketing have access to finance files or even admin panels. Revoke unnecessary access rights and ensure that employees only have access to the files they need.
Your password is the main way you can verify and access your accounts and systems. The issue is, many people have weak passwords. With the steady increase in the number of stolen user account data, it could only be a matter of time before they can crack your password and compromise your account.
To add insult to injury, many people use the same password for multiple accounts, which could lead to a massive breach. Therefore, you should use strong and different passwords for your accounts.
To further enhance your password security, utilise multifactor authentication (MFA), which uses more than one method of verifying a user’s identity, such as a fingerprint or a one-time code.
If you are looking to learn more about securing your systems, contact us today to learn how our services can help.
Decisions from the critical to the mundane can be challenging if you're not able to keep up with the latest in cybersecurity. Our Business Technology Managers (BTMs) are your guide to making the best of security decisions with your technology budget.
If you need our assistance, call us on 1300 307 907 or contact us via the form below.
Published with permission from TechAdvisory.org.