Last year was a record year for cybersecurity breaches, malware attacks, and data leaks — and if the first few months are any indication, this year will bring on a new slew of record-breaking incidents as well.
But it isn’t only the record-breaking headlines you should worry about. While massive data breaches, like last year’s Target and Equifax incidents, get the most media attention, it is easy to assume that smaller businesses or organizations that haven’t been targeted yet won’t be under attack soon.
But hackers know that larger enterprises are usually better protected and target smaller enterprises and medium size businesses — especially in industries that store and manage massive amounts of data, such as finance, healthcare, and law/government organizations.
In addition, hackers are constantly becoming more sophisticated — always trying to outsmart the latest security and antivirus software. For example, Microsoft has detected an increase of 250% in phishing between January and December of 2018.
If you haven’t implemented zero-tolerance security policies and adequate threat protection infrastructure, such as the Windows 10 Advanced Threat Protection, now is the time to buckle down!
But when it comes to cybersecurity protection, even the best security infrastructure and apps only go so far. It is the end users that are your simplest and most effective defense — or your weakest point. This can only be achieved by
Since creating a security-aware company culture is a very ambiguous venture, I want to share some tangible examples of what you can actually DO to help foster this. Here are six ways to significantly tighten up your security culture:
End users are very protective of their devices. So, empower them to take responsibility for their own device by providing your end users with the analytics, insights, and tools to not only diagnose how to improve the health and stability of their device, but tools to do it themselves. One example of how to do that is through Access Agent’s Health Score app which is almost like the Karma Credit app, but it shows the users how healthy their device is based on an individual score and gives recommendations on how to improve it.
User Account Control (UAC) is a fundamental component of Microsoft’s overall security vision. It helps mitigate the impact of malware by enabling users to perform common tasks as non-administrators and as administrators without having to switch users, log off, or use Run As.
Long gone are the times when you could roll out a new operating system every three to five years. With the adoption of Windows-as-a-Service and Office 365, enterprises are now forced to continuously upgrade. While that sounds like an awful chore, it actually is a good thing. By keeping your endpoint always up-to-date (evergreen), you ensure that centralized group policies are collected and applied, and the endpoint is restarted on a regular basis.
Traditionally, all applications were allowed to be installed unless they were on a “not allowed list”. This approach is called “blacklisting”. However, with the ever-growing security threats, this isn’t a safe way to manage your applications anymore.
Sami Laiho, world-renowned security expert, and other security professionals are strongly advising to switch to what is referred to as “Whitelisting” — not allowing any application unless it is allowed.
The best security culture is for naught if you don’t have a mechanism or an agent that constantly scans your environment for exceptions or possible security concerns. For example, you will want to know if users with revoked privileged access rights are trying to access your environment or detect the use of non-whitelisted or blacklisted software.
Should you find a vulnerability, or should anything go wrong and you are being attacked, timing is of the essence. You will want to be able to roll out a security patch across a whole environment (or only certain devices with specific configurations) with the click of a button. The faster you can isolate and fix the issue, the more contained the problem will be and the less damage can be done.
Every larger organization deploys multiple agents — for various reasons. For example, you could use your SCCM Client used for all software installations, software metering other other desktop management tasks, Lakeside Systrack for software health monitoring, or Avecto Defendpoint used for application whitelisting controls. Or maybe you are using application personalization agents, like AppSense or Microsoft’s user personalization, to configure user based application settings controls.
Whatever you are using those agents for, the health of each and any of the products can become unstable. Once they break, they cannot send information to the operations teams and dashboards for proactive monitoring. Sometimes you do not even know that an agent isn’t working anymore.
That is where Access Agent’s endpoint control comes in. It enables you to maintain the health of your other meaningful agents across your environment. For example, our SysTrack Repair add-in has been in production for just over a year and it picked up and repaired automatically thousands of issues.
What are your go-to security practices that you rely on? Or maybe you have a cautionary tale to share that would help your peers not to make the same mistake? Please feel free to share in the comments.