The problem is not only connected to the classical PC usage but and more importantly to the common usage of smart devices like mobile phones and tablets which are connecting to the company site. These devices often lack any form of protection and are considered to cause the biggest risk of infiltration.
Nowadays, during the crisis of the traditional workplace (office), people tend to work either from home or on the way. This trend has a major influence on the IT security. 59% of experts agree that the biggest problem Is a weak authentication and according to 45% of experts the major security risks are caused by the usage of public wi-fi sites which often lack any form of authentication.
This sad reality is being made even worse by the fact that the number of attacks is significantly rising from the beginning of 2020. 52% of organizations experienced some form of IT attacks in 2020 compared to 37% in 2019. Most of these attacks had been caused by malware. Almost 40% of home workers had also accessed company sources even after their device was attacked – they were mainly using e-mail and company application in the spite of possible security breach. About 11% of workers were also accessing company cloud services.
The awareness of such a problem between affected workers is not reflected in statistics as this is almost impossible to find out. The same applies to their reaction as we cannot know if they have done anything to protect their devices in a better way after being attacked. However, we know for sure that the prevention is the key. Employers should pay more attention to set up the devices their employees use and make proper actions to secure their site in a suitable way. Now let us have a look on some concrete examples of simple solutions that literary anyone can do.
Encrypt the end points.
Encryption of data which are saved on the end device (notebooks, PCs and so on) is one of the best ways of protecting your company. It is also especially important to know that not every platform is able to support data encryption and it is therefore necessary to think about either changing from the current security or involving other methods of protection.
Use strong passwords.
Make it a company policy that your users will use strong passwords not only on their working PCs but also on every other device they use for connecting to company site. Strong password is the simplest and sometimes amazingly effective and cheap way of protecting your data.
Install obligatory security software.
Antivirus programs, firewalls and other such tolls are on majority of work devices. This however is not the case of clever mobile phones, tablets and IoT. These are the easiest and most common entry points for malicious activity such as a cybernetic attack. It is also incredibly important to always keep your security software up to date, as they are regularly updated to the latest security trends.
Educate end game users.
Much has been written about the importance of IT education, but it is still not enough. Increase your cybernetic hygiene, spread the core points of security through the company, explain to your employees what a phishing e-mail is and make them part of security system. It has been proven that informed and properly aware end-point user is the best defence against any threat.